last executing test programs:

5m9.793543582s ago: executing program 1 (id=1464):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00')
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15) (async)
madvise$auto(0x0, 0x8000000000000000, 0x15)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0) (async)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) (async)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x30, 0x80000006, 0x4)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x4, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x8100000, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x6, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x9, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xfff, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000080000, 0x7, 0x2]}, 0x1fe, 0xd) (async)
statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x4, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x8100000, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x6, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x9, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xfff, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000080000, 0x7, 0x2]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SETHMAC(r1, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008000) (async)
sendmsg$auto_SEG6_CMD_SETHMAC(r1, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008000)
socket(0x15, 0x5, 0x0) (async)
socket(0x15, 0x5, 0x0)

5m7.757795932s ago: executing program 1 (id=1472):
mmap$auto(0x7, 0x400004, 0x401, 0x1c, 0x2, 0x1)
mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, 0x0, 0x48402, 0x0)
mmap$auto(0x9, 0x20009, 0x4000000000de, 0xeb5, 0x401, 0x6)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
socket(0x10, 0x2, 0xf)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r2 = socket(0x2, 0x2, 0x1)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r2, 0x10000}, 0x10)
write$auto_sg_fops_sg(0xffffffffffffffff, 0x0, 0x0)

5m6.885902041s ago: executing program 1 (id=1475):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r0 = semctl$auto(0x8, 0x804, 0x13, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(r1, 0xc1004110, 0x0) (async)
socket(0x28, 0x1, 0x0) (async)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
prctl$auto_PR_SET_MM_START_BRK(0xdc2f, 0x6, r0, 0x9, 0x420a56f0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0x10, 0x40000000000a5, 0x8000) (async)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon1\x00', 0x4ad03, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x6d4382, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) (async)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={<r3=>0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
syz_open_procfs$namespace(r3, 0x0)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
fremovexattr$auto(r4, 0x0) (async)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x4c0c03, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) (async)
getsockopt$auto(0x3, 0x200000000001, 0x41, 0x0, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x34, r6, 0x1, 0x2070bd26, 0x25dfdbfd, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, '\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0xffffffffffffffff}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4880)
madvise$auto(0x108000, 0x800034, 0xa) (async)
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
move_pages$auto(r3, 0x1002, 0x0, 0x0, 0x0, 0xffffff70)

5m5.449662065s ago: executing program 1 (id=1483):
r0 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3)
mmap$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffff3db, 0xffffffffffffff11, r0, 0x1000000028004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x23, 0x6)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getrusage$auto(0x0, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x400000000000100)
brk$auto(0xffffffffffffff67)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2b, 0x1, 0x0)
sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x2404c040)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8001)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7e, 0x4)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x400000000008000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r1, 0x8, 0x0)
open(0x0, 0x62a640, 0x5d916a2ac3a8fe32)
socket(0x2, 0x3, 0xa)

5m5.019297963s ago: executing program 1 (id=1486):
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r0, 0x40085507, &(0x7f0000000480)={0x5, 0xb7, 0x40, "c5b6940553aed26e3bf827646696f0cd1f57a50579bd0fbca48afbacb255ddaa3f8e6d13987c0917b77ee48e424632965e61b783b64edd8a94a6fcf0b90a60ec2732878f5e7972df74966557ea7a51350de39cc0bb551454797cc30a83862736914c37bb16dae65624232f398563c4c6879de946660d02259627cdc010420e90eaff657c03e516343031bc6aa91a668884d8b8d077cbecf3c4e84550cdb49738af97571c09494a1b4203423b7fae37364c35d6b42b5d547bc0a04aabd4d8f1686d7e2d762fa1e86498f519557e23b09e495ceb2da744188223a913c9f20030314bbb6d53d01ebf4bd4e6a678bb697c3af5e7304206651db68b120eeb97a3"})
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/teql0/statistics/rx_dropped\x00', 0x80000, 0x0)
r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="110000000500"/17, 0x11)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x80000, 0x0)
read$auto(r4, 0x0, 0x9)
read$auto(r2, 0x0, 0x9)
write$auto(r1, 0x0, 0x3)
preadv$auto(0x3, &(0x7f0000000440)={0x0, 0x9}, 0x3, 0x1, 0x80000001)
r5 = openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/tracing/options/fields\x00', 0x80100, 0x0)
close_range$auto(r1, r5, 0x8000)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x0, 0x10017, 0x8020010800c, 0x2, 0xffffffffffffffff, 0x20000000000803, 0x2000000000000003}, 0x6f0)
ioperm$auto(0x7, 0x6, 0x10)
setxattrat$auto(0xffffffffffffffff, 0x0, 0xaa0, 0x0, 0x0, 0x400000000000000d)
mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x6, 0x0)
r6 = epoll_create$auto(0x4)
epoll_pwait$auto(r6, 0x0, 0x40, 0xfffffffe, 0x0, 0x8)
epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0)
capset$auto(0x0, 0xfffffffffffffffe)

5m3.98357294s ago: executing program 1 (id=1489):
r0 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x40000, 0x0)
readv$auto(r0, &(0x7f0000004d80)={&(0x7f0000004cc0), 0x73a5}, 0x4)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x20)
chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
tkill$auto(0x1, 0x7)
open$auto(&(0x7f0000000040)='./file0\x00', 0x5, 0x8000)
execve$auto(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f00000001c0)=&(0x7f0000000180)='=\x9ay\x11\x9f\x97\xc3*e\xabTc\xc7,\xc0\x85Xb\x00<rY\xd9<\x9d\x1b&\xefg\xb6\xee\xdfi\x14\xfb\x05\xc8\x81\x8cb\x93:')

4m48.521279404s ago: executing program 32 (id=1489):
r0 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x40000, 0x0)
readv$auto(r0, &(0x7f0000004d80)={&(0x7f0000004cc0), 0x73a5}, 0x4)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x20)
chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
execve$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)=0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
tkill$auto(0x1, 0x7)
open$auto(&(0x7f0000000040)='./file0\x00', 0x5, 0x8000)
execve$auto(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f00000001c0)=&(0x7f0000000180)='=\x9ay\x11\x9f\x97\xc3*e\xabTc\xc7,\xc0\x85Xb\x00<rY\xd9<\x9d\x1b&\xefg\xb6\xee\xdfi\x14\xfb\x05\xc8\x81\x8cb\x93:')

4m48.173309716s ago: executing program 3 (id=1574):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r1=>0x0})
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd9, 0x3, 0xfffff000)
signalfd4$auto(0xffffffffffffffff, 0x0, 0x7, 0x0)
r2 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x7, 0x800008000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
ustat$auto(0x801, 0x0)
sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
munmap$auto(0x1000000, 0x2000000c)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x10, 0x2, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'}) (async)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mremap$auto(0x4000, 0xfee0, 0x3fd9, 0x3, 0xfffff000) (async)
signalfd4$auto(0xffffffffffffffff, 0x0, 0x7, 0x0) (async)
socket(0x15, 0x5, 0x0) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x7, 0x800008000) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) (async)
ustat$auto(0x801, 0x0) (async)
sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) (async)
close_range$auto(0x2, 0x8000, 0x0) (async)
munmap$auto(0x1000000, 0x2000000c) (async)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)

4m45.739201961s ago: executing program 3 (id=1578):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
r0 = fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0xfffffffb)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_to_bridge/mtu\x00', 0x202, 0x0)
sendfile$auto(r1, r1, 0x0, 0x5)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x2a)
r2 = socket(0x2a, 0x2, 0x1)
connect$auto(r2, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57)
write$auto(0x3, 0x0, 0x3f00)
recvmmsg$auto(0x3, 0x0, 0x3, 0x6, 0x0)
ioctl$auto(0x3, 0x541b, 0x10000000000402)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)=""/233, 0xe9)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0xfffffffffffffffb, 0x2)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose3/queues/tx-0/tx_maxrate\x00', 0x8402, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)='8', 0x1)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(r3, 0x8ae47, r0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x180000, 0x0)

4m43.906079397s ago: executing program 3 (id=1585):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon31\x00', 0x214441, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x7, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'vcan0\x00'})
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x0, 0xffffffff)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, 0x0, 0x24004054)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)

4m40.590771207s ago: executing program 3 (id=1595):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x102, 0x0)
r1 = socket(0xa, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r2)
sendmsg$auto_NL80211_CMD_GET_STATION(r2, 0x0, 0x800)
ioctl$auto_FS_IOC_SETFLAGS(r2, 0x40086602, r1)
mmap$auto(0x0, 0x20007, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
ioctl$auto_RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040)={0x80000000, 0x3, 0x3, 0x1, 0x9, 0x8, 0x7884, 0x101})
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r5 = socket(0x2, 0x1, 0x0)
socket(0x15, 0x5, 0x0)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, 0x0, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000)
sendmmsg$auto(r5, 0x0, 0x5, 0x20000000)
mmap$auto(0x0, 0xffffffffffffffff, 0x3, 0x110, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x801)
setsockopt$auto(0x3, 0x6, 0x18, 0x0, 0xf33)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
wait4$auto(0x2, 0xfffffffffffffffe, 0x25, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x84)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)

4m40.272757985s ago: executing program 3 (id=1597):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x7fe, 0xfe2)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0xe, 0x400005, 0xdf, 0x9b71, 0xffffffffffffffff, 0x7)
mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
rt_sigsuspend$auto(0x0, 0x8)
syz_clone3(0x0, 0xffffff67)
msync$auto(0x0, 0x2000000005, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x8000000000000006, 0x22, 0x0, 0x7ffffc)
write$auto(0x3, 0x0, 0xfffffdef)
sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x80)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

4m38.671158608s ago: executing program 3 (id=1606):
r0 = prctl$auto(0x1000000001c, 0x5, 0x8, 0xa, 0x80000)
syz_clone(0x1400, &(0x7f0000000000)="977c89fe41df77182571f5efe4806e822c635efe00da25ebe99c6ae79837dc257a931ffe0f9c9adda151bffcd7bd7119ed449ec3f03a8a919b267115c68c9bfce25ac82092f6cb8cda133d422cabfec846433930bc7f1f691aa86867b69b1d60e6e00f8e287c9a8fd533451b3fe4d8520859c12ef310c7d5c068b9d8075e9f834063e52898822b87acf0821af6097737821335e1bc868d2c92d979d12c6469872808d343fd891669585c1b2d46f382a4df68495b25dbb271da1539e7d8962d0c521180f4af62996a8f6726b216bbd652ae0556fa12", 0xd5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="b30afbaa2bcad5eb5eb7149202227f69")
setfsuid$auto(0x2)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty15\x00', 0x103980, 0x0)
r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x4}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x46}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x2}, @NETDEV_A_NAPI_ID={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000)
ioctl$auto(0x3, 0x4b32, 0x3)
r6 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_ECHOREQ(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, r6, 0x203, 0x70bd25, 0x25dfdbff, {}, [@GTPA_LINK={0x8, 0x1, 0x4}, @GTPA_VERSION={0x8, 0x2, 0xdcd}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$auto(0x3e, 0x1, 0x4, 0x0, 0x0)
sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x44872)

4m23.550119704s ago: executing program 33 (id=1606):
r0 = prctl$auto(0x1000000001c, 0x5, 0x8, 0xa, 0x80000)
syz_clone(0x1400, &(0x7f0000000000)="977c89fe41df77182571f5efe4806e822c635efe00da25ebe99c6ae79837dc257a931ffe0f9c9adda151bffcd7bd7119ed449ec3f03a8a919b267115c68c9bfce25ac82092f6cb8cda133d422cabfec846433930bc7f1f691aa86867b69b1d60e6e00f8e287c9a8fd533451b3fe4d8520859c12ef310c7d5c068b9d8075e9f834063e52898822b87acf0821af6097737821335e1bc868d2c92d979d12c6469872808d343fd891669585c1b2d46f382a4df68495b25dbb271da1539e7d8962d0c521180f4af62996a8f6726b216bbd652ae0556fa12", 0xd5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="b30afbaa2bcad5eb5eb7149202227f69")
setfsuid$auto(0x2)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty15\x00', 0x103980, 0x0)
r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x4}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x46}, @NETDEV_A_NAPI_ID={0x8, 0x2, 0x2}, @NETDEV_A_NAPI_ID={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000)
ioctl$auto(0x3, 0x4b32, 0x3)
r6 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_ECHOREQ(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, r6, 0x203, 0x70bd25, 0x25dfdbff, {}, [@GTPA_LINK={0x8, 0x1, 0x4}, @GTPA_VERSION={0x8, 0x2, 0xdcd}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$auto(0x3e, 0x1, 0x4, 0x0, 0x0)
sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x44872)

4m2.040582225s ago: executing program 5 (id=1721):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/system/cpu/cpu0/topology/die_id\x00', 0x8ad00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)

3m59.554107506s ago: executing program 5 (id=1727):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/i915/parameters/mitigations\x00', 0x80302, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram6/queue/minimum_io_size\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001540)=""/104, 0x68)
mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdf3)
semctl$auto_SEM_INFO(0xfff, 0x80000001, 0x13, 0x6cc)
read$auto(r0, 0x0, 0xbb0)
socket(0xa, 0x801, 0x100) (async)
r2 = socket(0xa, 0x801, 0x100)
r3 = getsockopt$auto(r2, 0x40000000029, 0x10, 0xfffffffffffffffe, 0x0)
read$auto_rfcomm_dlc_debugfs_fops_(r3, &(0x7f00000000c0)=""/103, 0x67) (async)
read$auto_rfcomm_dlc_debugfs_fops_(r3, &(0x7f00000000c0)=""/103, 0x67)
read$auto_rtc_dev_fops_dev(r3, &(0x7f0000000080)=""/16, 0x10) (async)
read$auto_rtc_dev_fops_dev(r3, &(0x7f0000000080)=""/16, 0x10)

3m59.42595793s ago: executing program 5 (id=1728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @u32=0xd}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)

3m59.162085844s ago: executing program 5 (id=1730):
read$auto(0xffffffffffffffff, 0x0, 0x800007)

3m58.975899566s ago: executing program 5 (id=1732):
r0 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3)
mmap$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffff3db, 0xffffffffffffff11, r0, 0x1000000028004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x23, 0x6)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getrusage$auto(0x0, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x400000000000100)
brk$auto(0xffffffffffffff67)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2b, 0x1, 0x0)
sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x2404c040)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8001)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7e, 0x4)
socket(0x2c, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x400000000008000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r1, 0x8, 0x0)
open(0x0, 0x62a640, 0x5d916a2ac3a8fe32)
socket(0x2, 0x3, 0xa)

3m58.072578868s ago: executing program 5 (id=1737):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
mmap$auto(0x0, 0x202000c, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8000, 0x0) (async)
socket(0x2, 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async)
r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000a80)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x40000, 0x0)
readv$auto(r3, &(0x7f0000000b40)={0x0, 0x6}, 0x4) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
ioctl$auto(0x3, 0x541b, 0x10000000000402) (async)
fstat$auto(0x2, 0x0) (async)
clone$auto(0xb74b, 0xfffffffe, &(0x7f00000003c0)=0x99, 0x0, 0xc) (async)
fallocate$auto(0x8000000000000003, 0x208, 0xd, 0x69ac)
ioctl$auto(0xc8, 0x401054d5, 0x0) (async)
readv$auto(0x3, 0x0, 0x6) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare$auto(0x40000080) (async)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r2) (async)
ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x4800) (async)
sendmmsg$auto(r0, &(0x7f00000002c0)={{&(0x7f0000000040)="dda5884a7f54947acdc3372a45091b57d8747cbbe50935748e2c5021806380f3140513fb92ceb2c6edb97e8810c2ed2d0efa21118d884c43625999ca127d15c43653b86676535ccea2d0146029a021f2f9012f94c667d2ad08b896154adb43dccb2833fc1db8d8f4b55c6ab6f67fef601989bd7ef315aa95d9a6c8c682141fb44ffe5717cf35d6415d619620cd77c42076f70a4c499e5fdc3f6af9c34e3fd5afb1c9562331af13697f0c9f8eaa80ec8af276c3c0e8a96c27", 0x7, &(0x7f0000000200)={&(0x7f0000000300)="877cb0b208b0df3d61cb9bb98ffd95379f9de72c6a194628c67f197cb686cfeef3252f80d1ed57946aadc99b2c2fc447068bdb9b86a89e94da8b842b251bbccd209a1021dc4433cd21b3dc483f4d13c2cebd8ebd3403d5f08ff29635cf7af7caf8a35235a952ab14593bc2b7be642be67a7d3168f45b650efcf2e3ce0de864ded2fecddb0b265568e097c480ad02110c5938c2538972f527666384eba23560c08601f9fb6d094908b4e121d79f3276cbc1ecd266dd8b0c296f2121b0816fa9aadfaef6695867b9724ccb9112366b5f83386f39fc69e81a42cdc6eea3aaf359a859778afe9dc72f724deeb37af5190bf5e1f01bf8b1bffe18054f2b00a79d8a3f345874869e952700"/282, 0x187}, 0x9, &(0x7f0000000240)="ec65a619a4e0f1ec6d12cfa4b9b800eef491833f6cfe29c72c1cdbc516bfdeb14c73cbdb7b5bf52a749e4273ca5e29fa9d1de08aec2830ade8c015fc9208b2d73ad52bf3907b16bc33d651f8eee5cbdc9913679eaf14d572f04842c37af5d54054b7c1fd2f28495575dcb7816505032f6dcaf4f9540aa40bf822961d63f4e4", 0x1000000001, 0x8001}, 0x9}, 0x4, 0x3)

3m42.556254796s ago: executing program 34 (id=1737):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
mmap$auto(0x0, 0x202000c, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8000, 0x0) (async)
socket(0x2, 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async)
r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000a80)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x40000, 0x0)
readv$auto(r3, &(0x7f0000000b40)={0x0, 0x6}, 0x4) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
ioctl$auto(0x3, 0x541b, 0x10000000000402) (async)
fstat$auto(0x2, 0x0) (async)
clone$auto(0xb74b, 0xfffffffe, &(0x7f00000003c0)=0x99, 0x0, 0xc) (async)
fallocate$auto(0x8000000000000003, 0x208, 0xd, 0x69ac)
ioctl$auto(0xc8, 0x401054d5, 0x0) (async)
readv$auto(0x3, 0x0, 0x6) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare$auto(0x40000080) (async)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r2) (async)
ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x4800) (async)
sendmmsg$auto(r0, &(0x7f00000002c0)={{&(0x7f0000000040)="dda5884a7f54947acdc3372a45091b57d8747cbbe50935748e2c5021806380f3140513fb92ceb2c6edb97e8810c2ed2d0efa21118d884c43625999ca127d15c43653b86676535ccea2d0146029a021f2f9012f94c667d2ad08b896154adb43dccb2833fc1db8d8f4b55c6ab6f67fef601989bd7ef315aa95d9a6c8c682141fb44ffe5717cf35d6415d619620cd77c42076f70a4c499e5fdc3f6af9c34e3fd5afb1c9562331af13697f0c9f8eaa80ec8af276c3c0e8a96c27", 0x7, &(0x7f0000000200)={&(0x7f0000000300)="877cb0b208b0df3d61cb9bb98ffd95379f9de72c6a194628c67f197cb686cfeef3252f80d1ed57946aadc99b2c2fc447068bdb9b86a89e94da8b842b251bbccd209a1021dc4433cd21b3dc483f4d13c2cebd8ebd3403d5f08ff29635cf7af7caf8a35235a952ab14593bc2b7be642be67a7d3168f45b650efcf2e3ce0de864ded2fecddb0b265568e097c480ad02110c5938c2538972f527666384eba23560c08601f9fb6d094908b4e121d79f3276cbc1ecd266dd8b0c296f2121b0816fa9aadfaef6695867b9724ccb9112366b5f83386f39fc69e81a42cdc6eea3aaf359a859778afe9dc72f724deeb37af5190bf5e1f01bf8b1bffe18054f2b00a79d8a3f345874869e952700"/282, 0x187}, 0x9, &(0x7f0000000240)="ec65a619a4e0f1ec6d12cfa4b9b800eef491833f6cfe29c72c1cdbc516bfdeb14c73cbdb7b5bf52a749e4273ca5e29fa9d1de08aec2830ade8c015fc9208b2d73ad52bf3907b16bc33d651f8eee5cbdc9913679eaf14d572f04842c37af5d54054b7c1fd2f28495575dcb7816505032f6dcaf4f9540aa40bf822961d63f4e4", 0x1000000001, 0x8001}, 0x9}, 0x4, 0x3)

4.536841507s ago: executing program 6 (id=2648):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
mmap$auto(0xfffffffffffffffe, 0x402000d, 0x100df, 0xebf, 0xffffffffffffffff, 0x8000) (async)
r0 = socket(0xa, 0x1, 0x100) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/v4l-touch8\x00', 0x40080, 0x0) (async)
r1 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002) (async, rerun: 64)
setsockopt$auto_SO_MAX_PACING_RATE(r0, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x4) (async)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
r2 = getpgid(0x0) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket(0x2, 0x3, 0x6) (async)
socket(0x2, 0x5, 0x0) (async)
getsockopt$auto(0x4, 0x1, 0x4, 0xfffffffffffffffc, 0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r2, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r2, 0x0, 0x401, 0x5, 0x3}}}) (async)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ') (async)
ptrace$auto(0x4206, r1, 0x0, 0x5) (async, rerun: 32)
capget$auto(&(0x7f0000000000)={0x6, r2}, &(0x7f0000000040)={0xd, 0xb3d3, 0x1}) (rerun: 32)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/004/001\x00', 0x100c0, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x802, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f00000006c0)="2f7a79b3") (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
move_pages$auto(0x1, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
ioctl$auto_SNDRV_PCM_IOCTL_DELAY(r3, 0x80084121, &(0x7f00000000c0)=0xc3e7) (async)
symlink$auto(0x0, &(0x7f0000000000)='\'--[[\x14+\\\x00') (async, rerun: 64)
socket(0x10, 0x3, 0x6) (rerun: 64)

4.51063503s ago: executing program 2 (id=2649):
keyctl$auto(0x5, 0x0, 0x0, 0xee01, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00')
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x30, 0x80000006, 0x4)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x6, 0x2000, 0x0, 0x6, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4004)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

4.07784417s ago: executing program 0 (id=2651):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x842, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mlockall$auto(0x6)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0x20499d, 0x9)
socketpair$auto(0x7, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)

4.073928668s ago: executing program 4 (id=2652):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffbfffffa, 0x8000)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
set_mempolicy$auto(0x6, 0x0, 0x4)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x850)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
r3 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/ports/3/pp_hold\x00', 0xc0b02, 0x0)
write$auto(r3, 0x0, 0x10000000200001)
r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000001140), 0xa8900, 0x0)
setresuid$auto(0xffffffffffffffff, 0x8, 0x8000)
setpriority$auto(0x1, 0x0, 0xe55c)
read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
read$auto_rng_chrdev_ops_core(r4, &(0x7f0000001040)=""/160, 0xa0)
newfstatat$auto(0xffffffffffffffff, 0x0, 0x0, 0x22e1)
ioctl$auto_SOUND_PCM_READ_RATE(r2, 0x80045002, &(0x7f0000001180)="4c3147ab094a3af3a8fd8fc49dc337765d915190e2bb81e6406ef647533f5ff40954ff7d52437224796d3cb4c9e9c65f57bdb4c156947ad3b032c2257bf3c6a640068f78406e54084c82888c3ae954b02c3846f125696be5666415e258406b2ae6d382ed589ec33d40c78247fc778ce000cfc34dd01f3a6ba7f98f2399b0da69c69d4e9c80b184effa5d35e6fdb4f0bb99f6a8557e64d8a1c2b7d3e848d521f7be039a01f2cac78d4f42b57363e360151a")

3.617295284s ago: executing program 4 (id=2653):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async)
fanotify_init$auto(0x602, 0x1) (async)
r0 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r0, 0x0) (async)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(0x0, 0x451, 0xa, r1, 0x0) (async)
socket(0x10, 0x2, 0xf) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0x4) (async)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

3.586781272s ago: executing program 0 (id=2654):
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x121800, 0x0)
r1 = getsockopt$auto_SO_TIMESTAMP_OLD(r0, 0x3, 0x1d, &(0x7f0000000040)='\x00', &(0x7f0000000080)=0x1)
ioperm$auto(0x5, 0x7, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth0\x00', <r2=>0x0})
r3 = bpf$auto(0xffffff35, &(0x7f0000000100)=@query={@target_fd=<r4=>r0, 0x800, 0xa6d8, 0x5, 0xfffffffffffffff7, @count=0x1, 0x0, 0x9, 0xd9e, 0x9, 0x9}, 0x5f5a418b)
r5 = memfd_create$auto(&(0x7f00000001c0)='+\x00', 0x7ff)
timer_gettime$auto(0x4, &(0x7f0000000200)={{}, {0xab35, 0xd}})
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), r3)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0xb4, r6, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_TSINFO_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x31f6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}]}, @ETHTOOL_A_TSINFO_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x80000}, 0x24000000)
r7 = socket(0x22, 0x2, 0xfffffffe)
lstat$auto(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x8, 0x20000, 0x7ff, 0xe1, <r8=>0xee00, 0xee01, 0x0, 0xd4, 0x3, 0x0, 0x10000, 0x3, 0x4, 0x0, 0x7, 0x0, 0x9})
r9 = fcntl$auto(r5, 0x0, 0xffffffffffffffff)
ioperm$auto(0xfffffffffffffff9, 0x3ff, 0x2)
r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000540), r9)
r11 = waitid$auto_P_PID(0x1, r9, &(0x7f0000000640)={@siginfo_0_0={0x2, 0x8001, 0x2, @_sigsys={&(0x7f0000000580)="6b6841bfd608d9420eea70272802c51db319b14df90af21c0dd0ed919cf768ab6c3030d624b3aa625449d06b8057f8dd47a971ca92195983cc58985c6dd58929e8531b786d5fcbe14601bcd2968adce84569dfe1aa6e4f66171171e53ae7978f97df2ebae13cb558c717f78958b86558cc1cdd0bed1ec07aa13481aed0da45fe25b8b8331d5365", 0x9, 0x101}}}, 0x9, &(0x7f00000006c0)={{0x0, 0x2}, {0x7, 0x1}, 0x6, 0x200, 0xe6, 0x1, 0x10000, 0x3, 0x5, 0x2, 0x1, 0x0, 0xaa8, 0xffff, 0x7, 0x5})
sendmsg$auto_NL802154_CMD_STOP_BEACONS(r4, &(0x7f0000001a80)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001a40)={&(0x7f0000000780)={0x12a8, r10, 0x301, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_OUT_KEY_ID={0x1284, 0x2b, 0x0, 0x1, [@typed={0x8, 0xea, 0x0, 0x0, @pid=r11}, @nested={0x126a, 0xd7, 0x0, 0x1, [@generic="f69056e2ad8f5737e1c11cec4276b06903eb67a4db94310ef942bf684986f7979cdaa5c122972fb9039719bf087fb74d0d03b40b21c7db4d5a255575d5df48da873791c571057b93985305ba1f122a131f9b1248e57705d370e25c93ddb2f2978645a9abec9c74b48807ff4e3d6b8768c1daf01b4d2870595b8a68c981609d5cb8d51a9748d043b8890e1adce3db0092693d3533df8c6f506321540838152d0be901", @nested={0x4, 0x4c}, @generic="628aa1f076541826603945d8f1d93580c6dcad810c548ea857ad2fc9ec9c1b78b7502503379bd222b97e7a9dc0b4039e60678148bf0880369fdd1027aab889eebcc229f3d103ba95263f55df840a1437eb93d69182964d02c75ccdae45fa7a1aacb709465eb6eb026a852810ac344cb3c7a091f1326e0b7faa48c35746ceb50b074804f9cf82014edd8012e34c2db7a0e85318d9038c17d831ff2c336bbf0c10462cf2ba1ae69909270444a58cfe755b12ed8a1499b34db9c5aa78bb9ea2c72319bf880bc75f064ec2ae92f91b5b0e591805b8439b887e59467e0f34ca1dca3108dc0fcdf8dff1410e4ba2679ea93c745dff3ec75e1b33a7e7be", @generic="4e39d2ffa174dddd91a18d6baf86afc7c4e822df9d7138800e3446e04276fa31b9f12d091f9413dad8706cb445cbf0448ed09c27872a", @generic="548b55d6d1df8239e4ba8e9d1ab3f511655af1d585bd9602d98d26150395f26b233a5bff9f2c69442bc90818244425584dd669e872d8f9596d62e6f716a953c2ab24a6df6b3cdeb69c30164b7c0509eb1c42b220bdee5a5f8a76521c5610c2192906446b6814dcac57de16b9cc9257973512bfc49d1776db70af07d782d568aa3dd1eae92131e802aede5efe552eef2ee55bb2076ae10525995fbff465492d5f8ebf515ac751029a135b671cb9c3646264ccb46cd4840aa965a5b9406ed43ffd5b84da61505c87b1d35094f81187acd5210617c91a57cae941d058454b1fca7905561573aed5ed324c51e3b98e8d86a97e8ea26baa3f7c91574ee5de392c5baa1c29f5c260a8d3208e620664bd5d4a8ecca4ef762bda189867efa3909166eaa39b6a725236329447fc3c17c80679ea0b918474a0d791069fc4f2a5b5993098b300a58399b25f7414d225b20bfb4d4425e465a2207d2cf0e155fc9898933c0e8922bc1fc24767a7e44d46397b1027137caf50459a4aec1ef1e34271ec4a4f29a599fc6e8d72e311f1f61c67101ee18c53aca85613f9ce6635b5767ef0ef879cfaae8fa4765eb0b0ba30a1a8c4ed35cb2fad6b40633e147fba3bfcae7ff6bd507b3b96cce19f3f4317baacd1acfb88bbd90682891f07dc5bfc0ce63e1e0cab3af98ee6b19085b9f9920c5b90e051137ed0c7c804a76dca31fb8b65569cfc29160503c40cb1a0745d46c3602af4ac320b4cec2a74982afe521094ec62452b1b797d36b363b2636229516a6691176d6ef78b30071af802fdf77d69dbd9890087871f5272c6ea9b084bf8ccce113ac87409091fb4ea4f89f6ed45b1f9addd76feaa98b13a3c7400ff66d59be49ab34b884d73e41392a57fde698071745c3c11039337b70b4fe5c6b4314abaeb5b96316fa7767b03e4e1656b3c7f53dd147dba71a438785288c14fd7850265ccc2fbf6f873b93d60af6165b90f3a3083bdfed5b04ff535f2d6a8781ac0d69851b57b114d54858efb5a69f8151bb4c6c28354816332f9aaf16baa50efdf0ada6be4934dfcd91f5541ee1b728ade93f2cc4ff6297f720d901922cbf96f654456f2810f60618c7ad1b830e035ab1ec3eb7ca198c9ec2f66d1c78cc5f5b1b0256128e474ccd8f19b844e7d7e092e4c6a22c2acdc3738e7fde2467bc9cdef3044ce4d956717873106adf4de7129179aa346b1ad4b67231f253215774af85d167ba7b75e6a3ac18d773da0b1684e1998cdc43e742b19352ce9de5665c8d7142665bd893c63b6fc0e25bb2bab2776cd54f63c60a1f5c6c923a81cfe9c9640da800fa505e90fcbff97899d1a7305ee40b8dbfffe645537048295765d23f7c80c9d5d816afecd25e92cff457a8d2195960ba4190a3e00ca3af2ee82fc89cc4d0a0611d12dd3a2350db7dea101046578b6249580585cd41aeaf787aefab74dcb22440f349a903c2cf5ae2079d17d60e0782aa040057177cdb1ddc8119e99d02079c2d96fbd289d2184c636e95ae693a250adbd0c9f46f12006d27f8135df023703c159c6b3a3fdf0b609afc5e6eee893feeabca925e992912e8c34cabaa57fe6865e5e0371a65a7e73700c4fa7aea2494a6eaa670afc8a85b43ec32aa05215ca786a03345556e29910c15cf0f84f67c6cf928f4196133dea3d1b609881154730c2c520c54e9b6969cfd2435c064e268c2d1f310952e35f0d769748c3d98f7405541553bf99b1afde857866a80802a3d5328d0fd1dda610d1b920e40a955f54d6c6e1c68f74a06f7071b16ef167deef38898a5aefe5ab8d13da462f3129c3543cfeb98a61425352cc8da434e85e5b1c06db5c7593f19966ed7bebe4135079f57ba04fc3f2f68183c522376bc46b0792e53b2d899cf311aa01547d702855053783815a8828f03294edf92627c07051518d1696b42515a9cd7d62c39ac9e8b1e758f94341ae2b344af31da95eecfb9bda2a044949dba50a6f46add942d3dc6ca353fa6fcfd24c7fc962764fc312a81e5c4417e28dc5e0328d1a810da3a36cc11d56f61361ddd6fe2ac41b44c95476f33f5fcb650bd2729a028d88f50559d4514684a3a9c7e967bc1d219aedd5e87441de8d9d22da9234c5cbe50a6e57bd0dd1d9b8fb974a980e405c0cdfdedb0fb6bcd6212abd1e26316966399419cd6d8dfd1fc9b8992f5fd8f4778cab63e34aa42fb195f5d9b989c6988b574f221a910c552429a439dddf92bfbf4f197b315ea0710f8c874469cd31f74bbdb810b9684d38549cec4dfeb66f9547b8b8321f712dba7eeda817dbe185c44c7ee581d52178bd1c73d126ca4eb652d6c22b833c6b46499160829a844720a302fbd1e6bafc86ccbb54eddeb90703422bf40ce4c39cb96f0ff401b77c6e193d9fd034f6d1f8f1ab565f0670a84068de22432431d38a9154551c41b2bc86c6688f5851500e83f9f6d9c6bd29697c78cc1875fe9445ac07769b90f24d11d1e6f241d25f5e18763b890c56f7a05630e8165edba7675f4f0c7597a94b8bd9e1ab4b2a9a283f765d25fdec98e64b826cc29ad3360cd776d4bbb48a4de8eaa281433802ee24f326bcd9193405ab4998533b757710d0b5cb2394b02b57b6b40bbb86a290786ffd85c6bef447d56d4dd4dd6da168bd6f260120473c70de26463ce462fda921fee864483582f77ca732791e35d791da22196a347d94c4f8d047b9bce81c3f51ae0f968de53cc432af468c7ac8a46924323caa250418b1f781767aac19ae437f717d0d19a2f0f3914e8ae06ca0ad2b99f65cb6414942386df6ba95beea355b8506befabb3c78ad4f5f8261e8bb115cad01af3d0a1ed420dd0f07040e86e813c64f40682119aaca9600c11f5e51af54b8222270c19597ce2338856637637531dfe94b0bcb1129cb8ebcac68afdfd61046def194ec50645db7fef21df407c4285c2c11304b2601382df6afd4093e60599ddcfadb9bfeb7a6d12885dbcc18065a827f2772d9f46e6827ef014c19fbe3af70564a0d3b83941572938b740547d4dafcd73c938f1e6605297756a614d8da8a5484e1320977e617ec5560bc3fb6c02fe0fd3cab778aa2be6831ae274b7ca76b59cce06e36fef4c84c771913be7214612134eba5f85d59b49e44802de9426166fbb290ef3ad321de9ba82a6b6531ed2b101bcc7e2ffe66b60a93c0084b10c0f8870843294104ced930e9e3ca828cbd0c2d94bcacc3d6d9280dbcc90f0850b2dc20ab12dd2291289fcc4d7c30389cf07f89aef31b616cebf7d493e1c5cf1685b95510bcd59c2067450d4179332f186f2f6197ed758de3292b1be0676f96c11f3a26f071bd38c2c2922a7b0880bafc7f33b9fbf57016250a0d9e727eb6c4e376e202e9de777e4e8c17b4b3c8e2f864267ed7b0cca73239702dfcbd15f837a01b0be6d44d114e43a9b3ed141ad8e94cdac8af48ab9e0b22abecc335eeb3f7b52ed0ff96c85f4027b5f9751d3c6aadee0d1fda5752a62d2b46ca369a4cf7815fdad1d048350cec34ce38dbe481648fe7ec8265e316d924bccb9e85ce2148a03dc3c84d2a8500fbc4c35f87514d7df1685012a7979fd00e7dc9008876765e9226f5e23e6a3ee1b1db88d1aa83367628b693314e9eb82b801285b9ed562de9d1e6c78a76e6653565a4a458ed8e289faf05720abf140b781115cdb7a58fa261ee40741d3111d4f8936203073b22e576f67fd5e689675893d7e28d5892ec9a66d26a513855dc6cb605aef32e4623d8b5193a1456cb4df5aa88a81a1ad3601c77c2cf756d5cc944b9f89796272cefda0afffbc97737f8059937507cd7aa9de823164aa678a4a923469dc3c87d144811bbccfd10b04f2708a154ae90dde8766a5665919d7d7525648d2ac240b85dc10f523e553ad7a80ddbc52a523af8b0328b963d69714107471620510bd4b7f3e68a61ff606ca4c58ad6fc8a9e822c90367898f998d3a9df8706d5cf03461578a28935d1a68816162a0f363f0a9026162bb020b9891d8fe4df8ef2ffa1f1206218c2931bbe11d8a542649434cb5aaeecae9774b070fef913033e4c7ddfeefda0885a25eeac4da1b1edbd97cf6d8a11c30431edc6a85cf6919c447a24ff8159a50f1cd303c2e9dae649f7ce22f1a5c7c127e8a8cc9ff36a67872291caf0ee275b4c934c9032fed6044a3ed29c21c2b208935e71cb1f36ef68a8b63d5bf9e2a752b31ea220967d5f749a193a6ba8d066f093ffd59e42df129a2e9e87efe1c54490b05962bb8c0f752d42cd97c79aef3d7572ba46f35a6021abf61e2a08d406280cca0a74e318322089b3e62242fdf797ede29a82162d316c3a8eea16244097f849cda0268707b7ae00312e330116cd7cb0c4990a94ac77595e4c36fc6b0e436c0b97904007a50c8273fbb8b3afca3f77ef846062d1de875f032a436059f72be100392b88dc0082a591b2d44dca46df777317e7ec4be38e8c0bf0cf6f73583e3495f97a5aa45adaaa9549c8c48da9b96fb0d3f8edb9ca4c60c14c7f5c72c74a9355eac798ad3eaab37e720033a798a793b7feae828d044f30e7d943d234a028fdd5ee0a54f0a105bf57c13b8d20e8517593ec1af00d71ced33be0501fe95fd61689c8481810b399ab5f8fd8273009fb99a5ac281c3130fa6c3e72fcc52f5ec21c2c507db942bcd19719b18f567b85abb0c5f4ee21bf8990d7c9adf983e50b7a0ce0fe9d668026dd8193432f3ec4b51d806fb32406b724842dd365bf58f542ce2a3ebf16d760cf8320663a11614fa506f39e962dcdaa78e713ca891b0abe8482335d7ae560c33d824de9d927cefedb23bc1878d22520b0aa612c9788a350105c5719fd4cb893d4faa5b61b260f79037f545f461933e3c1e9be8a233cc8667fca1b88726713accba3f1a326e1b328cd763641ed5f7808ab38bdb6bdbf7d129595481b11239c2fdaa6011da570133fbeb2ec0206dbd0fc4c97975c9b3c608da242f784b0c01db3f74cb51d33af73108f26983e727115b7031e01338120a3171e3157e639f8b84f3006ffb77d4499e7f210cab08bc148d978ac3940cfeeea4f5e2cfd64e3970eb73de80571e3e8652cb6726b9fdfd43ca9603877b031cb1f208af9ae31c815df92c799b270a1fc86f2e57f449df8050932c1f02f1685651a3555ce12bda90b10e6dd9970c6b0ac5e07b61b6f15f7fcfc8df4aabddbd4f04c0e96d36c89b89f592dd85eab935acb89b91d8d0c1cb208e1640b2d58f2ed17921dbd6f8aebf08720d9ef445db943d6ec92a5f6ba9fe8d438f2332aa71ce6863aab53af76706d753c798b51ca708a0a89c3f20c096003fd6f80bd66b1f1ed14e46b7df348e57c617f2bd6f72de12460c90a4612f2cb7c9d7ae8ff570d019d8f223a5a227c83060a1e5361b69d7333b4c73bbfb1e85695bb85bd9e60eed8fa4f783a10f0e5b8badfb2eadf3803fa7c5c0ed3a1d3c0ea7ed4a47f851024e6c202d1c402ccfb33e8f8e4f0420b98068958fb291b239e5b5ae5470f8d33d8246c662ce5b401ac951ab247c5035809e0a5dbe0a0e0069307abcaca9a77b4621ec033916982c2fc6eb35d7d226b763d000a13b5012c174220adbe577eb105321052b3c0cb8848cbcb328a68b0e82b9493034f663724b00e2019bd3199c0030ee7d54d957015d85334854998767580148144b58516cf0fc7ef439396ec23ec7d61f82e5a99204a2607acbc91437a631dcc18fc8ee7ead2538effb04441159581501eedc649d5629a6432904a458bf1fa33e250b8efb091636ae27f13ca8c1f6d5a32b0c75dd107cdf97a32ea6063a07e94480d8e", @typed={0x4, 0x1e}, @nested={0x4, 0xe9}, @nested={0x4, 0x105}, @typed={0xc, 0xc9, 0x0, 0x0, @u64=0xfffffffffffffffc}, @generic="168cea5568064e1ef57fb13756638cbf713d99d9ce902b3eccde6a779eb98107837c264606265f47dbed61db42ef06dd5be2266fcc293340fadb480b368d511e186376d40dd9a5a54bcde6c4d13cbc2aa117411af91e85bb06376db72b2aa40f3231cabe9333544b8c85ee4b3181d68c20325be87191c41c"]}, @typed={0x9, 0x4, 0x0, 0x0, @str='sit0\x00'}]}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0xfffffffb}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x5}]}, 0x12a8}, 0x1, 0x0, 0x0, 0x4000}, 0x44)
ustat$auto(0x2, &(0x7f0000001ac0)={0x329, 0x7fffffffffffffff, "14926ba82d79", "e26f4d13b6b3"})
gettid()
ioctl$auto__ctl_fops_dm_ioctl(r5, 0x6, &(0x7f0000001b00)="6d83681e1278c351129eabb771ceee6730cb43ca9f93dacfd3d80464e4a5e1405e0eda386b17094e6bf775381536dd64cc128cc8e84b42390717a762e849d8eb6214d72149d427e049e9f3e9afc8c7524e639936a2f17d9cde51f088e23b39be5aa7f76201771802c082aaf7e7f5d9be66c2993e1981f5c41bc3954f8af2249dd70d88f3a1a8aea441035d3366fb2792f0332c5c473ee61b71737edfd38bed4d71c1f2f89963783e09c70566585a4ae23efc6595d70147ba4a37935a2412bc7b954493c386ccd1e0f8fe85b353973f33cb1c66164564750b1c8b99b88826bf55940490e2148c882d2c0be4e1aa67371463df7ec3e11f9155cb48780076a6c649bc925d6c9765576a0f78ed0c1f1c9fa721ffe7d200918b8edd310b06ea21954c3837993d44d17e3a33735698adf234182c5a00c7ccf6f308d0e18c146ff11f8e796669fc7284d3dd044246fef71e5c39d7fd2045c647850fee8d270d10db39e1adc26d718ab525f6b26b3b46f0e98957b4d9582fb96503d874fe1c84c67820188b442c11dcd303fd4897eadc56b1526c78c46f643691af8b002429cdff902e678dcb7b3892d48f0433d5e953edac3193993ea8b7cad61fa2df20091f5f77df06e8766a1dc102a557ec7c0152ed576707071a33def408a25e012b5a6e25e45b5b1d08b5e6a5e224e357eb0b71e40a0f377cc16b69f1a2ad259eff60f0c55482836cd89dc1d902a9c6da3e983d27812632894b94e0a601e8d5db4187cfc63c18ac464800b8b21f892aa933c1036ba6954fb6139f69352e8327024805c241da6b4143613c6f14e0ada7fe8039451370d8505181ca3e0a97075ad0dd7f12e6af8ecabc3f1c32be8a9897ad9a4499dbff4369adf08d0c056585f9ceb7cf20ebd229e7668e12c446c2b36fd0e93631baa4dced2a170c155d1f0c0b15eff9d2252f9cb48150e5b9395d71f974f30dd995c7e37dcb27021d2910716e56245dcc8e266b8b3a91a1a92ee3d8e0258a18f115393646c882b4839fb7c7c01a82cc8c4512f43e15900dd487a2ace4615f5ec0694d764b8e4a64fd248bfe9657d6cbdefdd25880f96fba04cc6ae1b6eca466b94a0f37c17fd26e75c321bcf4fd6e98bc50e3fcbb771c0e1aac78e2e0d460f5da660570e4c8ad5f461c282ba5b542eb492a2afc2a5446f5b4f6be5baf32e629b02a79efcf20c2241e8fa63578ef7780b0ecd9ba95e3aeed61a3620216d2bee99f2e8657b0c9a3121cc34a1875c9b9a12fbb704b7ca1462ed1dd84a0b86d254f7d131feb56426656debb3acb84505dfda523da32565394147e9930fd114e5beef1f0826873b2a195ab00be6d60869c011db5cea9904039998dd24f0623d9926a4eb6177e1f6593c05b0f32bb4cde420edf693652c18af5949156a2b40f57045e223d977f6d0385f44466362eac088b2c5e5198b404170a82f6d2b48f326c4129b88b2f65f1bfa12684dbec0dc1d7f6c4c6312a151f37e9ef2f776878a870ffc18514b8eb04d5aafb03234fd6e40b2ece1bbec1618dec7e940428410c8391c0b4d0533a6279ecbfb0e757a4e3f9af93d6ef05acfc5ba7bd84fd20386c10b687b4a731120c43e0778e94638b37dd58598eb0dc47329ef8ca5cc53c4d74c2a98bbd0cd651c0029040b063ff61aba20073e791577f612fb87ed66abf68e1c9058aa21015fc2a84d71ed31f16a18aceeece6dd4a07f4c25b3ced3533699551bfbcb35dc1df9375681cd469ef25849d5daa9b25520dfffe4ae7758071ec2a18c351473c98346237dd9960bf1b063aec9ff51d78352da4c00bde83e2da2d830a3a01564c2253416802b1928ac074322e656ca0eb8def7baa082614b5568b3cc334bf0e7d9006770dea2ec6d8ee73f28922b3c8c069809f70094e37f82a6cf3338436aef3868350df0d7517bb88f27d7635a5c9fb2a2abbb5be8a7c47c52385bd09e164c21ff3c6d7c2d1633471edc2d6a7f4e44058b2dce8360ef923b0c466c0c3e4d34f4b64c2cfa4b571078ed68f3290594d4e837d27b144985f5a7215b11de882923120a474e81f1dc9d6511f5e1d140853b8fead0910d33c580768118b75d8cd86d9c5af72f16c9c6eb979d4e0e1fd49dfaf14d6875d89daf9f24229210b6fa2a26c6750c36414b04561341e947f2e932ba97a3b69c7711ee15a422ad74fc25ee42c806ba4dfea153943feb0f39b63fa1331a90cfc456b9c4a7fbfc0d66fb78c018c4d05d17203342bc5a8723ffab755acf510f5229fad3367dc4319c4f8097895fca9d1776fa868928e5b9d47c3bc36fc941d11d3a25fa5a484d6d1f5943a584142be1089d7bfd0e2c9f695ff932c662dc7e4c155ca5661d45abaf96859d6940d458be7632a42d5bf2b58ae22a783b0d69f2b617da1979e05c39b9faeb84eab9642822994c68d4f96d4c4b0454c0715f1928be07a2f63f75dabe9e7d059759f52d6ca1f6137284c259e302b9f60fb71b884ae38d9528e1258b28e41210b7aa91a9d0420d6a05194d129e85ce341029e2bc7d46d73beec0216f157c22b34c7d8c43d093ce3b7496e50d2b45ac7b62ca92c3e34752e001cd75a6cad8412a3481757e5013c8254624ff63995345e341a42b1639a4cf42c5978b4adb1c28b035c0e923539833cf0391de272e27df664ed16f0db1a4e91734e3c4b7cabde9781c512831ef75e79d653e22074f918f05af0db33cf3229ca81fdc4863945236934522ad3bdde6bdf3fe91d4ac2dead829b1d9f6466c61b577c787acde9984bd1b6de32b46d228c407b26af498ec60915d46e18a6c07d4ddf5340f9876bf85a6d4f3d6be8118652c84d00c72bcf99bcbe884e69dfbb89a6f79746117fd66296ec5355deb0f3e970f87e180f29e7990d83b154c7f7ae0a3be22b38b0ef433f996acbd3a4df4c6c594582ccb5e87810a5df4f3d2b81b2da025db6e3a165b8f44fd09083a382f1edb7769a9c7b90c4418e661ffd17c66cbb888a1c3f5c323862c63fcdd6ccbf18c45da118dcaee9f8bc4641b99677a80c60934abe1f2a68349dc9bdc8b3d1437136bf2e8b8877703a3d9f69fb7be8442c2be3a3e562ae51d035df78b7e7026780c503abcdb6299a3ebb752e1089ff2ff4b2f0fb8c7340f98ddc93a59c13a38c0e483d8b0fd50af92976e00f9dedcac6c18ef62e9020cb242060bbad403caf5b64d0f7158f3423b38df1f7ed99b55b33ccd2ec1d1eaed521d6c90216852c5baf6b92fcc13a7cf54cc874853e60143c7dec656712800c1dc2b57737c5c26cfb1a79c7aef26f6adf95b40384e571d1d5375b3ce678b97a2a51c25fe10f54de9ff24bc23b497603093f95d483b0dc023c38212ab70a04acf53e1f156299e0c907b4da9d9238eba110862a954617325c02848376381c8d1af3a031bae77b09825aa4b149445a941c600d2c9f658fda61e00f77f664cf3b62d2e41dce5042b212d3cd4558ae48063568e7f7049403930a987601cdc92005467ac74c0146787a1f1c345977eff1349a55c3dbfbd2f892b3048e965ce9b0d93c1087a5081e61d4a070e9be1008cc828241401d395116ae2b706e8d8e9b891353ca6cf8a15b2c4fc499090228a21bf63bf99800845bad242480c27586fa6939b54aded504563c1c92c8999068a5e2493f55ac88ce9d1c23db13bb87c797024358f23b8e0e70d422edc9e6cdbdf5238980a5e9fb7f1e795dceae5b8bf2c9d28f9772df923cc0e706aac330219223352203c6dcd72c9923fea8b0b5cf167fbd71ac9063c5c40001fae72b5ef0dccbcad942f36bb0e79a26b825141d8ec3970b3e357228f17c6006038de4d1ed2f6cff6ba6f3a735ac34603fd9d94078dde2ba776277a14abd4451ea5fb9b13a6f7ed20ca42063839242f01ef1c71894fcc2ae105ef29a51a5a99bbc63f685c5557b653950bc5ab5347219edbcf49d05a1b3fe3f30e42175ecb2190da082f133913a694f3cedf9187ddf7ba63ee48dcc03242e9f472577749429e7b0c7a08f0ab301fa3e44be6455c513e429e7598a28869746031453860d447bdd58c336789c8eed2636770c703d85fc0a897e1196c9b9cb13d26eb28cb2fd85a395a96e19ee78b4045f84e44b54277b20fb4318afa588b4a3414fd68c541ee26b90e9b33a7d6e18ef28413254674ab971e3c01e869bd7558534f394c5cba1f6fef558276fefca0d1d1e3775180d852d4c184fc605fc943961ac50e512bca8461529478ea3ee0b16de6b97e8923680d476bdecd44d27727c0bfcf054622e6b0d5c8279967851e94756ba805c2f39c725840d9c637e7c2a14a6d81c34ca291587243cb17a39f5b3e9ba239818db3619f05513961694cefcc13fafba0439fa5ee6498ac2634df5ac0458c8f50b0163579cbc9ac55646dbe463eb265ecc536c7426f8949ac1179a214319c8545470cf6e6b1a08c931c3f73807f079f0d4052188a23bdf128723cf7bd5c14fcc06b3110eaaa9c8166be390d8d1fdc99a63c94fba6397c3b3eca9185b7afde296ec5f5ae13b1646a4a54af214605c481a8cc052d82edc5fbdb6ec34810aef05eaed9034da1b44bda3a3a352a99c9ca491170754ce7c33e6db8fe7a82fc95b75733dbc3f55cc34cde9fd4dba6dc8887afbfbae663692cf5dd94bc529f33d554ee05c1549c881c5719687153bf8f4759c3cb94d9ba9cd2911e27e509de929805ddbb37a765d75b70e0601f317e87e611c9b3953987a6bdaa4cd4750f43dcecde3d02d87cc3d5f053b51eb084ab84a14b7cb8f6ca71ce34920914b1bac57599d3bd2b98197de8e04a58937d6c95e1f724aac75da6d817768ba9bba65553191573d67e9fc72f104587ac3904326e3aa651875438b573af65b7178a57696a2d3103277feb98e63ae8d7f2d4e053faf917e02362cf9a3c6ce83e98d1d31c9df3a96c3549aba565ee2a84a614480960f94ed4db867a09dca7db0fe2bbd821c06bdec1188dc7b3edfff77770f7b25706cd30a9b4c0f91cb21c16d2e81146abbc34cf0d9bd5062f92fb8769f7c6fd7ac8f787248e3b627b730b7771da8f666df490602bd0154b6d2b8e5d578d7f87ae4d74ac5d132ee7012cc72aefe8cb9e00e3eb6da09053d7fd47ce119c7890a7ed36039bbbe38325be2d989d17ed1da4cf1821f049503eab923cc90e0e5840fb735c0fe21b970acd2971f02cac62fc32d9ab308331a5387abe45dd69b0ed1208952166141014191d45b694a9f2aee0195ff2b4c635a1376a6d2e3f78120d7cf815afa8e096efedb6b3da56c33284034e82682c969c266b6ec581ee0c74d2b411479d1dfa497a759bc43089ab1bad19503fc6bd0e4b9447b78af387445c76a0f4e6afdf4777675422c259267b33b53b89380eb5ab5a187ab6a72f6481801d3cc167f1c2f850b568db34b17fc08245668a468a76e8e6d3673faf1d285752ab14c59107bd5ba93d418a9854efccca108cfa09abe32b0491eef2dd5eef13098ebda744dc6c731d5f4a3a3b6673c4ef3035e346210b578ac1a4d7c1474af0b77f5f70635e607ab414e517652e0f5b2d353d4ad906f414c0d7ceb23201cc600c0c822db16092424de53a7201650287b68463214b720d445113ec96e01ba6e85e105f64c5e4940042ee9802dc3b63d28226be36bd8b497b9ec28807339cbba01bc60170e36360514164831146ddf77ab53078096460b290d1c71a3ccad475115755b14cbf796d0e959fccfc2b3a593f5be7cd095e14e0e36ff753ec08fc42fd6d07958e83322596cebde714f31417a21951f0595f5a9b2f2e99610d4022db0467978d70ea40d94ac46d")
r12 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(r12, r7, 0x8)
r13 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000002b00)='/dev/vbi6\x00', 0x108000, 0x0)
timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0xd)
ppoll$auto(&(0x7f0000002b40)={<r14=>r12, 0x100, 0x81}, 0x7, &(0x7f0000002b80)={0x0, 0x6c29}, &(0x7f0000002bc0)={0x4}, 0x8)
r15 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000002c40), r1)
sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r5, &(0x7f0000002f80)={&(0x7f0000002c00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002f40)={&(0x7f0000002c80)={0x2a0, r15, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0x94, 0x3, 0x0, 0x1, [@generic="b17924c8670317f9db1b14e791f679de42562446a867c8380e2bca75c3a4ebe560f25f7e67c0386f103f743fa2b0cd0a3a2b6bb26b4cd7dfe3b907f477d35dad06c75ebf7581715518f6b0c8c2bc392cad95e1218c75cd6337f77d55e5a9a335253dcacef7b180e8cd36a74e24df0b24d863a39b55aeda026be665445ee5c959c74e9e137e1c784bfbf2b58137a55a7a"]}, @MACSEC_ATTR_SA_CONFIG={0xb5, 0x3, 0x0, 0x1, [@nested={0x78, 0x67, 0x0, 0x1, [@typed={0x6, 0x7c, 0x0, 0x0, @str='\\\x00'}, @nested={0x4, 0xbb}, @generic="c98c54f8a732c0567775a6c6987b7ab7e317e09c2dce0d354a0680f05f7d10eb911ddbf79f2d9466cf352a727264a6988accacf9f20f69703d35ec178dde6188f23698ff5a4f0177a8680dfc3886e12e3be05bc2b24684d5748545aa3bad56347631ebe0a759abfc"]}, @generic="0ec7d69181c67b9947dc781f9d34f5d374829048d0e6758f3d35920a0e9d6e0282923a5b64e1a382ffdb3b83e1387b56010926404b728b8d5b"]}, @MACSEC_ATTR_OFFLOAD={0x140, 0x9, 0x0, 0x1, [@typed={0xe, 0x2, 0x0, 0x0, @str='/dev/vbi6\x00'}, @nested={0x12a, 0x98, 0x0, 0x1, [@typed={0x8, 0xe3, 0x0, 0x0, @uid=r8}, @generic="f48d6e6d4753ab9346d0923c97f656a09690850ebd07505d08b0922ab5136cecfc51bd202a37ab5d1fec169275bba1c49fce80cc90f299fd193a59a79c75085a7b6e228595a291094f206fe4690af71f", @nested={0x4, 0x962}, @generic="b1cb34b82402520c4c6bac525389dcf3e6b6ea246555a54bebd90a1dfab03abcde02cead2007574609df29d6336aa5b01ef8ab44581c43d38f02369c0e3d463f34561d582c4e1b1bc9b1c5032a740f8cc00168f8b53da06adc66943cca0dde056be903f3345efc4c62e8f8830582a297d235c39ff5fc02920e6db3129224d25e781b9c5fbc740c1c864666b1cde633bcc5282ecf1d5e9c68743e1c11033f7dc083061df2dbcafd7ff6db0889203b044f68df2061a90889b9eddbff43cbb6c3d98bfe02def07d", @generic="384cf721"]}]}]}, 0x2a0}, 0x1, 0x0, 0x0, 0x46040}, 0x0)
mmap$auto(0xff, 0x7fffffffffffffff, 0x4, 0x1a, r13, 0x1)
semctl$auto_GETALL(0xf247, 0x371, 0xd, 0x5)
r16 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000003000), r14)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r9, &(0x7f00000030c0)={&(0x7f0000002fc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000003080)={&(0x7f0000003040)={0x34, r16, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x10}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x5}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x3}, @NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0xffff737e}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x8000)

3.329000509s ago: executing program 0 (id=2655):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
syz_clone(0x800000, 0x0, 0x4e, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002)
socket(0x2, 0x5, 0x0)
getsockopt$auto(0x4, 0x1, 0x4, 0xfffffffffffffffc, 0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={0x0, 0x0, 0x401, 0x5, 0x3}}})
capget$auto(0x0, &(0x7f0000000040)={0xd, 0xb3d3, 0x1})
move_pages$auto(0x1, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000)

3.013821947s ago: executing program 6 (id=2656):
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(0x3, 0x5403, 0x38)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/boot_params/version\x00', 0x80000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000580)=""/216, 0xd8)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x0, 0x0)
ioctl$auto(r3, 0x540a, r1)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80400, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
poll$auto(&(0x7f0000000080)={<r4=>r0, 0x9, 0x9816}, 0x7f, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55)
shutdown$auto(0x200000003, 0x2)
shutdown$auto(0x200000003, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$auto(0x3, 0x5420, 0x38)

2.653992835s ago: executing program 6 (id=2657):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
r0 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
pidfd_getfd$auto(0x3, 0x1, 0x100000000)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x8000000000007}, 0x9)
lseek$auto(r0, 0x2, 0x1)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x3, 0x0)
r4 = semctl$auto_GETALL(0x10000, 0x7, 0xd, 0x873)
ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, &(0x7f00000000c0)={"51c320dfa096b9d1366a2a0cf902f98cffef14ab21962a362f8b841f0d97e1b3", 0xfff4, 0xfff, 0x3, 0x1000, 0x2, <r5=>r4})
getpgid(r5)
getpgid(r4)
r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
unshare$auto(0x40000080)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_GET(r7, &(0x7f00000012c0)={0x0, 0xa6, &(0x7f0000001280)={&(0x7f00000000c0)={0x14, r8, 0x9d0da3446261172d, 0x70bd28, 0x5dfdbfe}, 0x14}, 0x1, 0xf0ffff, 0x0, 0x24000000}, 0x20008080)
move_pages$auto(0x1, 0x3, 0x0, 0x0, 0x0, 0x8000000000000000)
r9 = socket(0xa, 0x3, 0x3a)
getsockopt$auto(r9, 0x29, 0xd0, 0x0, 0x0)
ioctl$auto(r6, 0x2203, r6)

2.653191433s ago: executing program 2 (id=2665):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001a40), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc0000}, 0x4040)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r2 = socket(0x2, 0x3, 0xfffffff1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb3, 0x401, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x3, {0x2100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x80000004, 0x84, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x800})
r3 = socket(0x2b, 0x1, 0x1)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_STOP_AP(r6, &(0x7f0000001940)={0x0, 0x63, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="a4000000", @ANYRES32=r0, @ANYBLOB="29012cbd7000fddbdf251000000008000300", @ANYRES32=r5, @ANYBLOB="050039010c800000"], 0x24}, 0x1, 0x0, 0x0, 0x240448d0}, 0x14)
r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r7, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r8 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop9\x00', 0x0, 0x0)
ioctl$auto_BLKSSZGET(r8, 0x1268, 0x0)
r9 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000140), r2)
sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r9, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x5}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x800}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x731}, @OVS_DP_ATTR_NAME={0xf, 0x1, '/dev/tty12\x00'}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20008040}, 0x4040000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r11, 0x1, 0x70bd2b, 0x25dfdbfa, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000090}, 0x4044820)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
ustat$auto(0x801, 0x0)
sendmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x7fffffff, 0x0, 0x1, 0x4}, 0x0)

2.589222452s ago: executing program 4 (id=2658):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram2\x00', 0x14b682, 0x0)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_PNETID_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbfd}, 0x14}}, 0x40000)
read$auto(0x4, 0x0, 0xfdef)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c01f, 0x40000000, 0x800c000}, 0x4)
r2 = socket(0x1e, 0x4, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x106)
r3 = dup$auto(0xffffffffffffffff)
getsockopt$auto_SO_BROADCAST(r3, 0x7, 0x6, &(0x7f0000000000)='batadv\x00', &(0x7f0000000040)=0x5)
ioctl$auto_UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000280)={r2, 0x2, 0x1, 0x80000001})
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio7\x00', 0x8a440, 0x0)
ioctl$auto(0x3, 0xc02c5625, 0x38)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14)
kexec_load$auto(0x9, 0x80000001, &(0x7f00000000c0)={@kbuf=&(0x7f0000000180)="8f239861d37f8b8d3e03e4744418890a37a0db8ff0ccb6ba6a635b5f7b947179ce4e1767f064a3b7b76d1f6dfd409e23a3c070fe4df55551998620385055c841d36857342f086e0c3d8ea104e1a04cf4f569d77fabe025f094e871f8633c6464d0f464c0ed185a69c60c68feda33fe2e06ba1d30733f09b3e791a7e354edaec85c4ee91890ec10c87d9118046263727c1f911ffddb586845d551e0a9268b405b8e061add73a11e3e21cdf28824f7ab536d90760d118ce071ff06f7baa2a4f37bf5262b41b6b131577d81a4a7edef0e515ce13b25f4a4ae38476bfbff96754d7fcff7c3bef253ca1775", 0x3, 0x9, 0x6464}, 0x89e)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)

2.554389593s ago: executing program 0 (id=2659):
r0 = io_uring_setup$auto(0x800001, 0x0)
mmap$auto(0x8000000000000, 0x3, 0x40, 0xeb1, r0, 0x200008000)
openat$auto_ubifs_dir_operations_ubifs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x20c000, 0x0)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000040)=0x5)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x1f3340, 0x0)
r5 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0)
write$auto_drm_edid_fops_drm_debugfs(r5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000340), r6)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="010026bd7000fbdbdf2504530a598a2b45731f52000000", @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4004080)
mmap$auto(0x200000000000004, 0x8, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008008)
ioctl$auto(r5, 0x89f1, r4)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2)
mq_open$auto(&(0x7f00000000c0)='\xff)-\\&[}\x00\x8b\xa5\x1f\x04< rU\xcf<,!\xc1\xa7\xcb\xedB\x1a\xc3P@V\xbbO\x86\xe6\x92}q\x92\x12\xff\x8a\xa1(\xa2\xc4Y\x88\tc<d\xd5N\x1az\xc2o\xf5b\xe4\x17\x16@\xa0dr\x15\x85\xad\x855\x90e\x96\a\xd1:&l\xcd1\xf1N\x11\xe4\xe97V\t\x93\x8f\xd2\x8e\xd9V\xf4\xe4p\xa7\a\xf9\xcf\x1c\xce\xf9\x0ff\xc2\xef\xe4\xb2\xf3\xc9\x0e\xc8\xac\xed\x16^VO\xb2}\x9e\x04\x8b\\\x92\xc18\x978h+s\x8a\xd9\t\xf1\t\xb7\xb8\xd9\rD+W\x98k\x1b\x9d\x1b\xde{H0\x0f\xdf\x9a\x7f\xde\xe9\xdc\xb8\xa3\x9cu^\x14s\x16\xd7\xaf\xda{\x1fO\xb3\xd3\x94\'C\a\xc1\xe8\x80\x1b\x8c\xbb\x7f\xa1\x9b\x93\n\xdeb\xa7\"qs\xd7\x97\x1f\x1b\xd7\x8aS5\n\x1c\xc7\x8a\xc0\xe9\x85\x80\aO\xb7e\xe1\xf3\xff\xca\x80\x17:\xaa3\xe7\xd4iJ\xc6\xd1\x902\xe1\x82W\x82N$D\xb7#Y<C\t\xad\x98\x03\xc9Da:\x8c\x05\xda4\x9b\x8eU$\x05^\x9e \x0fv!\a?\x88\v\xadu\x03\x15>', 0xde8, 0xf, 0x0)
setsockopt$auto_SO_PREFER_BUSY_POLL(0xffffffffffffffff, 0x79, 0x45, &(0x7f0000000200)='*\x00', 0x800)
mq_getsetattr$auto(0x0, &(0x7f0000000000)={0x0, 0x2, 0xf}, 0x0)
mmap$auto(0xfffff7feffffffff, 0x300a, 0x4, 0x1b, 0xffffffffffffffff, 0x1)
read$auto(r0, 0x0, 0x5)
r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f0000000580)={{@inferred, 0x200008, 0x20007, 0x3, "06c65b4d3c1c38c76d6778ad8eac3cda3543ee0d305300", @raw}, 0x4, 0x66, 0xf, @raw=0x1, @integer64={0x4, 0x8001, 0x8000000000000000}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b073a17097000000b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"})

1.614543188s ago: executing program 4 (id=2660):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event1\x00', 0x125182, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x112b730c2c00220b, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000000000), 0x0, 0x2)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
r1 = semctl$auto_GETVAL(0x1, 0x10, 0xc, 0xb0)
prctl$auto_PR_SET_MDWE(0x41, 0x4, r1, 0xf, 0x1)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
migrate_pages$auto(0x0, 0x74, 0x0, &(0x7f00000007c0)=0x1)
r2 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
capget$auto(&(0x7f0000000100)={0x8, <r4=>0x0}, &(0x7f00000000c0)={0x9, 0x8})
sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000140)={0x110, r3, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "ea42e41cec4d4fef79cdc3a3"}, @NL80211_ATTR_PMK={0x44, 0xfe, "6f6b9b3d4ab0fe2ff4e468fb118627d2e7094f6a7ab7e09dcf1ceffe14dedf8d82618427ded04652737a7057a2708c026ca442a1417f2f308dfcc4b33e3c70eb"}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x91, 0x84, 0x0, 0x1, [@typed={0x8, 0xf9, 0x0, 0x0, @pid=r4}, @generic="66a59828293f079dfd1eb86b687ad07a39a3b1f605933a7f4b27220cda052afcfc43cf523adad0bea7ee66049e4769110f9117", @generic="8ef558ffbcc16d3f6e0502d83bbaf0593c23b52a9115656696310cc21980bf5387a13da7e4404604c314101c0a864b546bb29318e38598c929f907b1be15c54d6e6b63a89fd4adb1867ba8c1bd6411e8fb6d"]}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x8}, @NL80211_ATTR_HE_BSS_COLOR={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x110}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/pcmC1D0c\x00', 0x2, 0x0)

1.486153653s ago: executing program 2 (id=2661):
r0 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3)
mmap$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffff3db, 0xffffffffffffff11, r0, 0x1000000028004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x23, 0x6)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getrusage$auto(0x0, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x400000000000100)
brk$auto(0xffffffffffffff67)
mmap$auto(0x3, 0x400009, 0xdf, 0x12, 0x2, 0x6)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0x2b, 0x1, 0x0)
sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x2404c040)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8001)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7e, 0x4)
socket(0x2c, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020008, 0xdf, 0x4000000000000eb1, r1, 0x400000000008000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r2, 0x8, 0x0)
open(0x0, 0x62a640, 0x5d916a2ac3a8fe32)
socket(0x2, 0x3, 0xa)

1.295468347s ago: executing program 2 (id=2662):
mmap$auto(0x0, 0x2020009, 0xffff, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x7, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0)
ioctl$auto(0x3, 0x40000000, 0x38)
mlock$auto(0xffff, 0x6)
mmap$auto(0x0, 0x2020009, 0xffff, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x7, 0x8000) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) (async)
ioctl$auto(0x3, 0x40000000, 0x38) (async)
mlock$auto(0xffff, 0x6) (async)

950.959017ms ago: executing program 2 (id=2663):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_PPPIOCSMAXCID(r0, 0x40047451, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000300)={0x30, r2, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x2}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x40805}, 0x4000)
mmap$auto(0x4, 0x400000000002000e, 0x0, 0x16, 0xffffffffffffffff, 0x78)
gettimeofday$auto(&(0x7f0000000000)={0x4, 0x3}, 0x0)
ioctl$auto_KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xec)
mmap$auto(0x2, 0x2020009, 0x9, 0x50, 0xfffefffffffffffa, 0xbdeb)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video6\x00', 0x40, 0x0)
epoll_ctl$auto(0xffffffffffffffff, 0x1, r4, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r5, 0x6, 0x25, 0x0, 0x0)
mmap$auto(0x0, 0x2, 0xdf, 0x12, 0x2, 0x8000)
r6 = socketpair$auto(0x84, 0x1, 0x100, 0x0)
socket(0xb, 0x2, 0xfffffffe)
setsockopt$auto(r6, 0x1, 0x9, 0x0, 0x4)
mmap$auto(0x0, 0x100, 0xdf, 0x9b72, 0x2, 0x0)
r7 = socket(0x2b, 0x1, 0x1)
getsockopt$auto(0xffffffffffffffff, 0x25, 0x20000024, 0xfffffffffffffffe, 0x0)
r8 = socket(0x10, 0x2, 0x4)
io_uring_setup$auto(0x4bf15e0b, &(0x7f0000000000)={0x401, 0x8, 0x5, 0x6fb3, 0x89, 0x40000009, <r9=>0xffffffffffffffff, [0x100, 0x9, 0x7d], {0x6, 0x7, 0x3032, 0xe, 0x4000012, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x7, 0x0, 0x20f88, 0x9, 0x7fffffff, 0x8}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="b0ab0b09ad94ef5b7e40cb5d142f7c71a078aa67fa477737f9e2aa83fa74096b1b9baa5a99616401847b690cec489dbfe1e6dfdb6486bbd581b6a40df7a9159314f5d4fc846b06897d208b3359f61185de2405c49c1d74f714106922147aaf792a138f3308bbe2ed169099b33aceb9a3f2eea23c08158b99fed7b28c5b95f05fe43a7de6780cef760c7dedec340a996de48dc61e707357cee61bab7dfa65f22e555377c53d68d7040cbb50ef38c8342f6369ed586f6abf46d7b5dbe612bc102a50a3f70f9bacbe737eb5c04f50e5e0e66c51fb41e19b3d5d", @ANYRESHEX=r4, @ANYBLOB="2c667e3d75c806670d388ddc0779ce4d444bca050080000000007aed87eeb42e7facc06671a1c38004addb29cb2ede22046100cafccc0a0af069f1803878d7321286ae1b456820ed21ce6a2e2314fbc8d4633b39f0234b6f639b999101995255c4d893082c8ee277792f037f879e203b3648f5da8946689aa68da1e3420f84a6ba09e3605f3d2cb071b101b6508861c9a6745bcdde9f17", @ANYRESOCT=r8, @ANYRESHEX, @ANYRESOCT=r7, @ANYRESOCT, @ANYRESHEX=r9, @ANYRES64=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)

948.640441ms ago: executing program 0 (id=2664):
r0 = socket(0xa, 0x3, 0x2c)
setsockopt$auto(r0, 0x1, 0x44, &(0x7f0000000180)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\xb9E\x81\xb6F\x96\xa6\xba\xf4\x98;n\xb2nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x00\x00\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81', 0xa95e) (fail_nth: 2)

908.469163ms ago: executing program 6 (id=2666):
socket(0x2, 0x3, 0x6) (async, rerun: 32)
mmap$auto(0x2, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000) (async, rerun: 32)
setsockopt$auto(0x3, 0x0, 0x24, 0x0, 0x28)

500.22106ms ago: executing program 2 (id=2667):
mmap$auto(0x0, 0xe985, 0xdf, 0xeb1, 0x401, 0x8000) (async)
timer_settime$auto(0xfff, 0x2, &(0x7f0000000080)={{0x9, 0x7}, {0x9, 0x5}}, 0x0) (async)
r0 = socket(0x18, 0x5, 0x2)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x81)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) (async)
ioctl$auto_PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) (async)
r1 = timerfd_create$auto(0x9, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
semctl$auto(0x1ff, 0x3, 0x13, 0x4) (async)
read$auto(r1, 0x0, 0x80)
ioctl$auto(0x3, 0x40085400, 0x5)
socket(0x10, 0x2, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x40141, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x80441, 0x0) (async)
socket(0xa, 0x2, 0x0) (async)
socket(0xa, 0x2, 0x3a) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x29, 0x0, 0x28)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0) (async)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x1a3800, 0x0) (async)
write$auto_aoe_fops_aoechr(r3, 0x0, 0x0) (async)
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, r3, 0x208000) (async)
socket$nl_generic(0x10, 0x3, 0x10)

413.63718ms ago: executing program 0 (id=2668):
madvise$auto(0x110c230000, 0x1, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64)
socket(0x21, 0x2, 0x2) (async, rerun: 64)
r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x189002, 0x0)
write$auto_configfs_file_operations_configfs_internal(r0, &(0x7f0000000140)="8e", 0x1) (async)
socket(0x1d, 0x2, 0x2)
socket(0x23, 0x2, 0x0)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = socket(0x2c, 0x2, 0x4)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fb0\x00', 0x800, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x200, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r2, 0xc0385720, &(0x7f0000000080)={0x0, "aa8c44a1", 0x6, 0x8, 0x3, 0x6e48, "9f929aabd06e2686b720bf916f3fa0df"}) (async)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(0x8000000000000001, 0x5, 0x8) (async)
read$auto(0xffffffffffffffff, 0x0, 0x8) (async)
readv$auto(0x3, 0x0, 0x1) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="250f26bd70b982e4c34d72056bbc"], 0x14}, 0x1, 0x0, 0x0, 0x4048000}, 0x4044054)
mmap$auto(0x1000, 0x1, 0x7ff, 0x19, 0xffffffffffffffff, 0x1)
mmap$auto(0x0, 0xe983, 0xdf, 0x16, 0x401, 0x7ffc)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xb, 0x4, 0x16, 0x940, 0x1ffe0, 0x0, 0x6, 0x0, 0x2, 0x25, 0xfff, 0x7, 0x4, 0x1, 0x5, 0x5, 0x5, 0x7, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, [0x0, 0x2, 0x0, 0x5, 0x0, 0x3, 0x3, 0x3, 0x1000000000000, 0x0, 0x40000000003, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbd0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x401, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0xfffffffb, 0x0, 0x0, 0x10000, 0xbf]}, 0x10, 0xfffffb26) (async)
ioctl$auto(0x3, 0x8008743f, 0x1) (async)
r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r1)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET2(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xffffffffffffff54, &(0x7f0000000140)={&(0x7f0000000640)={0x14, r5, 0x100, 0x70bd2a, 0x25dedbbb, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008091}, 0x440ecc4159a90d00)
r6 = socket(0x2c, 0x3, 0x0) (async, rerun: 64)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (rerun: 64)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYRESOCT=r3, @ANYRES32, @ANYBLOB="711d540e0918011e570eb8584968c7c86b73a3758fbbc76696e47e0451cb0c09948493b00ea1b2e720e2d782103ad4ab0fe8367d23e9c23e0afd411fe24de58c7b0e2713bf5f1fe04bae99d5d1191b8ed9752082f328a5bf56c7d6ab5bcc7ec84eb72b3cc60c0ad667b54bd3b754aa73c3d13aa1bb", @ANYRES32=r7, @ANYRESOCT=r6, @ANYBLOB="adff8fea6ee5f355daf31605637b71e17c20c1257999e9333db2c7e2d5cbe3c0c4030800a588692bf136b1f08c8617d14525dc09bcf7101b7893715fc6dc9ca61ccbf51d339377af87da54094d40a70553ac819fb4cd679cb1275724fc21a692be", @ANYBLOB="046c33467d9e00948e491ad5cb3e9c1679a965626cb77ecdaf9ce377c743458ac04e346c7d795ff3004f02827c97d468fd6e55bf97f7e255ca"], 0x1ac}}, 0x40000) (async)
sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

398.691361ms ago: executing program 6 (id=2669):
sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x128, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_OUT_KEY_ID={0x109, 0x2b, 0x0, 0x1, [@generic="7301dfaf1b11484f767b0b88e9fb2a058ad010d1d9a496daec3aaab79d0adb6dcef2fc28e578bcadaa1a6b35e5e65d7eba8fadacb33a4efcf331a8e6692833bd276dcb7334d9b7dbaa56de889669fc78bce9c2c3536f77f6c648332b340a02c131d9a4629c156ecdd0a75790f4987bc1783a07df31c7b4c3d0026f1dddc8eeb14a090076b6b0de0b74716d2b3d41f1c1c7bfbcd52260f1167782e578337beedc96cfe96a27acb5f5a259d3b7cb2680bfd48345511bdcc3f681a92ed338fbab7a877e79973f49f70803f2a0e14bdfa0e6e6e3b94044", @generic="465aa3ba09250849319fb3d46220508fb557dab7c7300cdd1dec8e05035ed07265e01adde759610c", @typed={0x8, 0x0, 0x0, 0x0, @ipv4=@empty}]}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x8001}]}, 0x128}}, 0x80)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)

271.411547ms ago: executing program 4 (id=2670):
r0 = socket(0x23, 0x2, 0x0)
getsockname$auto(r0, &(0x7f00000001c0), &(0x7f0000000040)=0xcf)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r2, 0x20, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, '\x00\x00\x00\x00\x00\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)

73.310636ms ago: executing program 4 (id=2671):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0) (async)
mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) (async)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x2841, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x1081, 0x3)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0xa00, 0x100)
sysfs$auto(0x2, 0x1e, 0x0) (async)
sysfs$auto(0x2, 0x1e, 0x0)
socket(0x2, 0x1, 0x0) (async)
socket(0x2, 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x40, 0x0)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shutdown$auto(0x200000003, 0x2) (async)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x23, 0x80805, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) (async)
rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8)
rt_sigaction$auto(0x4, &(0x7f0000000300)={&(0x7f0000000240)=0x0, 0x0, 0x0, {0x1}}, 0x0, 0x8)
r1 = gettid()
rt_sigqueueinfo$auto(r1, 0x1, 0x0) (async)
rt_sigqueueinfo$auto(r1, 0x1, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, 0x0, 0x840) (async)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, 0x0, 0x840)
io_getevents$auto(0x1, 0x401, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 6 (id=2672):
r0 = openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000000), 0x139280, 0x0)
read$auto(r0, &(0x7f00000000c0)='\x00', 0x401)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bond_slave_1\x00', <r2=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7200fedbdf250300000008000300000200000629c918b7350007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=r2, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="0800030006000000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x40000, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="fe01fafa00000000000045a8bf3830e1f79fb1a77fe44f40497dd775b8c2d58ef567e42c309dd52bd265", @ANYRES32=r3], 0x1ac}}, 0x400c006)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r4 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci0/force_suspend\x00', 0x100, 0x0)
read$auto(r4, &(0x7f0000000040)='\xcb%\x83\x9eZ\xbb\xbb?\xdc\xef\'\xdf)\x00', 0x7)

kernel console output (not intermixed with test programs):




	


	
	






	




	

	
	




		

		
	

	
	
		

			










	

	

	
	
	
	



















	





	




	


	
















			
	

	
		
	

	
		
							


	

	
		
	
	
	
	
	
	
							


	

	
		
		
	
	

	
		

	
				
	
	



				
		
	

	
		
	
							



	
		

	


	
	

		
	
		
	


	



			








	




	





			




		

			

			
		



	


	


			

		

















	










	






	






		










	
		

	


	
	

		
	
		
	


	



			








	


	
	


	




		

		

		

			



	




	





	


	
	



	
	


	









	

	

	
	
	
	



















	



	




	
	









	

	

	
		

	


	
	

		
	
		
	


	



			








	


	
	


	





















	


	
	
	
	
	


	









	

	

	
	
	
	



















	



	




	
	
















































	
		



		

			

		
						



		



		



		

			






	




		
		
	

	

	
	













	
	
	
		







		
	
				




	


	
	


	


			
	
	
	
	




	

	

	
	




	




	








			
	

	


	

	


		






	
			
	
	
	


	










		



	

	
	

		

	



	






	



	

	







		


	
	





			

	



		











	




		


	
	




		
	
	


	
		







	
		
	


	

	
			
	

	
		
	

	
		



				



		

			
	

	
		
	

	
		
	

	
		
		


			
		


			
			
		
			
		

	
		

	


	
	

		
	
		
	


	



			








	


	
	


	





	

	

	

	
	
	
	
		
	

	









	












	

	

	
	
	
	
	

















	



	




	
	










	
	

				

	

	
		
						
	
						
	
						
	
						
	

	
		

	


	
	

		
	
		
	


	



			








	


	
	


	

























	
	







	

	














	

	

	
	
	
	
	



















	



	




	
	








	

	

	
	
		
		


	

	

	
	
		
		


	

	
		
			

	
	
	

			

	
	
	

			



							



	

	





	

	









		









	

	









		






	


	

	

	
	

	
		

				



				







	

	









		









	

	









		





	
		

	


	
	

		
	
		
	


	



			








	


	
	


	





	

	




	





	


	
	
	
	
	


	









	

	

	
	
	
	









	
	










	



	




	
	









	
		

	


	
	

		
	
		
	


	



			








	


	
	


	




		

		

			

	






	





	

	

	
	
	
	

















	





	






		









	

	
		


		
	
		
	



				
		
	


			
		
	
	
		
	
	
		
		
	
		
	

	
	
		
	

	
	
			
	
	
		

		

	

	
		
	

	
		


	
	
	
	

	
		
		
		

	

	



	

	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	
		

	


	
	

		
	
		
	


	



			








	


	
	


	




		

		

		

			



	
	
	
	
	
	

	

	
	

	





	








	

	

	
	
	
	
	



















	





	




	


	













	




	

	
		

	
		

	


		

		
	
		
	


	



			








	











	






	






	






	






		











	

	
	

	
		
	

	
	

	
	

	
	
	
	

	
	
	
	
	
	

	
		
	

	
	

	
		
	
	
	

	
	

	
	

	
	

	
	

	
	

	

	
	

	
	
	
	

	
	

	
							


	

	
							


	
	

	
	
	

	


	
	
	
	
	
	
			
	

	
		
	

	



	











	

	
		
	

	



	


	
	

	
	
	

	
		
	
	

	

	

	
		
	
	
	

	

	

	
		
	

	
	

	
		
	

	

	

	
		



	
	

	
	
	

	
		
	

	
		
	

	
		


	

		


	

	
		

	


	
	

		
	
		
	


	



			








	


	
	


	













	
	
	


	

	

		
		
		



	


	


			

		

















	










	





	






		









	

	
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	
		

	


		

		
	
		
	


	



			








	
















	










	





	







		













		



		



	




	

	
	

	
	

	
	

	
	

	
		

	
		

	


	

	

		
	
		
	


	



			








	

	

	



























	

		
	
	









	

	



	


	
	
		



















	

	
















	
		







	










	
	








	





	






		









	

	
	

	
	
	
	

	
	

	
	

	
		
	

	
		
	
	
	
	
	
	
							


	
			

		
	




		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	


	
	


		
	
	


	
	


		
	
	

	




	









		









	



	
	






			
	

		

	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	

	

	
		






	
						
	
	
	
						
	
						
	
						
	
	


	
			

			

			

			


	
		

	
		
	
	

	
		

		
		

		
	
	

		
		

		
	
	




		
		
	


		
		
	

	
		


	
	

	

	


	


	
















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	






	

	




















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	






	

	




			
	
			
	
			
	
			
	

syzkaller
syzkaller login: [  595.967440][T15655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.984166][T15655] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.126569][T15927] Bluetooth: hci4: command tx timeout
[  596.337198][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  596.359612][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.848274][T16057] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  598.203437][T15927] Bluetooth: hci4: command tx timeout
[  598.849466][T16085] Process accounting resumed
[  598.988112][T16079] ptrace attach of "./syz-executor exec"[12564] was attempted by "./syz-executor exec"[16079]
[  599.152436][T16091] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2256'.
[  599.181757][T16091] ipvlan1: entered allmulticast mode
[  599.188950][T16091] veth0_vlan: entered allmulticast mode
[  601.117272][T16120] FAULT_INJECTION: forcing a failure.
[  601.117272][T16120] name failslab, interval 1, probability 0, space 0, times 0
[  601.179399][T16120] CPU: 0 UID: 0 PID: 16120 Comm: syz.4.2264 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  601.179443][T16120] Tainted: [U]=USER
[  601.179452][T16120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  601.179467][T16120] Call Trace:
[  601.179476][T16120]  <TASK>
[  601.179487][T16120]  dump_stack_lvl+0x16c/0x1f0
[  601.179523][T16120]  should_fail_ex+0x50a/0x650
[  601.179559][T16120]  ? fs_reclaim_acquire+0xae/0x150
[  601.179593][T16120]  should_failslab+0xc2/0x120
[  601.179631][T16120]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  601.179668][T16120]  ? ima_inode_get+0x120/0x580
[  601.179708][T16120]  ima_inode_get+0x120/0x580
[  601.179744][T16120]  process_measurement+0x70a/0x2370
[  601.179790][T16120]  ? __pfx_process_measurement+0x10/0x10
[  601.179837][T16120]  ? aa_file_perm+0x4c6/0xfe0
[  601.179870][T16120]  ? trace_lock_acquire+0x14e/0x1f0
[  601.179939][T16120]  ima_file_mmap+0x1b3/0x1e0
[  601.179973][T16120]  ? __pfx_ima_file_mmap+0x10/0x10
[  601.180015][T16120]  security_mmap_file+0x88c/0x990
[  601.180047][T16120]  vm_mmap_pgoff+0xdb/0x3a0
[  601.180083][T16120]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  601.180118][T16120]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  601.180149][T16120]  ? hugetlbfs_get_inode+0x323/0x740
[  601.180181][T16120]  ksys_mmap_pgoff+0x1c8/0x5c0
[  601.180214][T16120]  __x64_sys_mmap+0x125/0x190
[  601.180246][T16120]  do_syscall_64+0xcd/0x250
[  601.180276][T16120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.180305][T16120] RIP: 0033:0x7f05c0d8cde9
[  601.180324][T16120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.180345][T16120] RSP: 002b:00007f05c1bb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  601.180366][T16120] RAX: ffffffffffffffda RBX: 00007f05c0fa5fa0 RCX: 00007f05c0d8cde9
[  601.180381][T16120] RDX: 0000000000000fff RSI: 000000000000000c RDI: 0000000000000000
[  601.180394][T16120] RBP: 00007f05c0e0e2a0 R08: 0000000000010006 R09: 0000300000000000
[  601.180408][T16120] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000
[  601.180421][T16120] R13: 0000000000000000 R14: 00007f05c0fa5fa0 R15: 00007ffdb56b91f8
[  601.180450][T16120]  </TASK>
[  602.681928][T16135] vivid-003: =================  START STATUS  =================
[  602.702617][T16135] vivid-003: Radio HW Seek Mode: Bounded
[  602.710633][T16135] vivid-003: Radio Programmable HW Seek: false
[  602.803122][T16135] vivid-003: RDS Rx I/O Mode: Block I/O
[  602.851978][T16135] vivid-003: Generate RBDS Instead of RDS: false
[  602.859052][T16135] vivid-003: RDS Reception: true
[  603.012116][T16135] vivid-003: RDS Program Type: 0 inactive
[  603.018505][T16135] vivid-003: RDS PS Name:  inactive
[  603.141942][T16135] vivid-003: RDS Radio Text:  inactive
[  603.148047][T16135] vivid-003: RDS Traffic Announcement: false inactive
[  603.262677][T16135] vivid-003: RDS Traffic Program: false inactive
[  603.269741][T16135] vivid-003: RDS Music: false inactive
[  603.441924][T16135] vivid-003: ==================  END STATUS  ==================
[  603.829530][T16147] FAULT_INJECTION: forcing a failure.
[  603.829530][T16147] name fail_futex, interval 1, probability 0, space 0, times 0
[  603.872027][T16147] CPU: 0 UID: 0 PID: 16147 Comm: syz.4.2273 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  603.872068][T16147] Tainted: [U]=USER
[  603.872076][T16147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  603.872090][T16147] Call Trace:
[  603.872098][T16147]  <TASK>
[  603.872108][T16147]  dump_stack_lvl+0x16c/0x1f0
[  603.872143][T16147]  should_fail_ex+0x50a/0x650
[  603.872184][T16147]  get_futex_key+0x4a3/0x1000
[  603.872213][T16147]  ? __pfx_futex_wake_mark+0x10/0x10
[  603.872246][T16147]  ? __pfx_get_futex_key+0x10/0x10
[  603.872275][T16147]  ? __pfx____sys_sendmsg+0x10/0x10
[  603.872313][T16147]  futex_wake+0xe8/0x4e0
[  603.872349][T16147]  ? __pfx_futex_wake+0x10/0x10
[  603.872380][T16147]  ? trace_lock_acquire+0x14e/0x1f0
[  603.872411][T16147]  ? lock_acquire+0x2f/0xb0
[  603.872452][T16147]  ? __fget_files+0x40/0x3a0
[  603.872493][T16147]  do_futex+0x1e5/0x350
[  603.872522][T16147]  ? __pfx_do_futex+0x10/0x10
[  603.872551][T16147]  ? fdget+0x187/0x210
[  603.872582][T16147]  ? __sys_sendmsg+0x19a/0x220
[  603.872615][T16147]  __x64_sys_futex+0x1e1/0x4c0
[  603.872645][T16147]  ? __pfx___x64_sys_futex+0x10/0x10
[  603.872682][T16147]  do_syscall_64+0xcd/0x250
[  603.872714][T16147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.872749][T16147] RIP: 0033:0x7f05c0d8cde9
[  603.872771][T16147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  603.872795][T16147] RSP: 002b:00007f05c1bb50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  603.872820][T16147] RAX: ffffffffffffffda RBX: 00007f05c0fa5fa8 RCX: 00007f05c0d8cde9
[  603.872839][T16147] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f05c0fa5fac
[  603.872856][T16147] RBP: 00007f05c0fa5fa0 R08: 00007f05c1bb6000 R09: 0000000000000000
[  603.872870][T16147] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f05c0fa5fac
[  603.872884][T16147] R13: 0000000000000000 R14: 00007ffdb56b9110 R15: 00007ffdb56b91f8
[  603.872913][T16147]  </TASK>
[  603.887832][T16151] dyndbg: bad flag-op n, at start of nfs4
[  604.193773][T16151] dyndbg: flags parse failed
[  607.309056][T16195] mkiss: ax0: crc mode is auto.
[  608.919392][T16224] FAULT_INJECTION: forcing a failure.
[  608.919392][T16224] name failslab, interval 1, probability 0, space 0, times 0
[  608.937670][T16224] CPU: 0 UID: 0 PID: 16224 Comm: syz.4.2291 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  608.937711][T16224] Tainted: [U]=USER
[  608.937720][T16224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  608.937735][T16224] Call Trace:
[  608.937743][T16224]  <TASK>
[  608.937754][T16224]  dump_stack_lvl+0x16c/0x1f0
[  608.937789][T16224]  should_fail_ex+0x50a/0x650
[  608.937826][T16224]  ? fs_reclaim_acquire+0xae/0x150
[  608.937861][T16224]  should_failslab+0xc2/0x120
[  608.937900][T16224]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  608.937936][T16224]  ? alloc_empty_file+0x73/0x1e0
[  608.937967][T16224]  alloc_empty_file+0x73/0x1e0
[  608.937994][T16224]  alloc_file_pseudo+0x13b/0x230
[  608.938023][T16224]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  608.938051][T16224]  ? alloc_fd+0x41f/0x760
[  608.938089][T16224]  sock_alloc_file+0x50/0x210
[  608.938126][T16224]  __sys_socket+0x1c2/0x260
[  608.938153][T16224]  ? __pfx___sys_socket+0x10/0x10
[  608.938179][T16224]  ? rcu_is_watching+0x12/0xc0
[  608.938220][T16224]  __x64_sys_socket+0x72/0xb0
[  608.938245][T16224]  ? lockdep_hardirqs_on+0x7c/0x110
[  608.938273][T16224]  do_syscall_64+0xcd/0x250
[  608.938306][T16224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.938342][T16224] RIP: 0033:0x7f05c0d8cde9
[  608.938362][T16224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.938385][T16224] RSP: 002b:00007f05c1bb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  608.938409][T16224] RAX: ffffffffffffffda RBX: 00007f05c0fa5fa0 RCX: 00007f05c0d8cde9
[  608.938426][T16224] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  608.938441][T16224] RBP: 00007f05c0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  608.938456][T16224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.938472][T16224] R13: 0000000000000000 R14: 00007f05c0fa5fa0 R15: 00007ffdb56b91f8
[  608.938504][T16224]  </TASK>
[  610.031070][T16240] netlink: 'syz.4.2294': attribute type 10 has an invalid length.
[  612.519649][T16310] futex_wake_op: syz.0.2305 tries to shift op by 64; fix this program
[  615.811610][T16370] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2314'.
[  616.179665][T16375] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2316'.
[  616.239373][T16375] netlink: 222 bytes leftover after parsing attributes in process `syz.4.2316'.
[  617.796502][T16406] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2323'.
[  619.519020][T16432] Invalid ELF header magic: != ELF
[  622.518378][T16459] FAULT_INJECTION: forcing a failure.
[  622.518378][T16459] name failslab, interval 1, probability 0, space 0, times 0
[  622.544532][T16459] CPU: 0 UID: 0 PID: 16459 Comm: syz.2.2338 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  622.544574][T16459] Tainted: [U]=USER
[  622.544583][T16459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  622.544598][T16459] Call Trace:
[  622.544607][T16459]  <TASK>
[  622.544617][T16459]  dump_stack_lvl+0x16c/0x1f0
[  622.544653][T16459]  should_fail_ex+0x50a/0x650
[  622.544691][T16459]  ? fs_reclaim_acquire+0xae/0x150
[  622.544724][T16459]  ? xfrm_hash_alloc+0xd1/0x100
[  622.544758][T16459]  should_failslab+0xc2/0x120
[  622.544807][T16459]  __kmalloc_noprof+0xcb/0x510
[  622.544846][T16459]  ? xfrm_nat_keepalive_net_init+0xe1/0x140
[  622.544879][T16459]  xfrm_hash_alloc+0xd1/0x100
[  622.544914][T16459]  xfrm_state_init+0x160/0x630
[  622.544953][T16459]  ? __pfx_xfrm_net_init+0x10/0x10
[  622.544986][T16459]  xfrm_net_init+0x211/0xcb0
[  622.545026][T16459]  ? __pfx_xfrm_net_init+0x10/0x10
[  622.545059][T16459]  ops_init+0x1df/0x5f0
[  622.545097][T16459]  setup_net+0x21f/0x860
[  622.545135][T16459]  ? __pfx_setup_net+0x10/0x10
[  622.545166][T16459]  ? down_read_killable+0xcc/0x380
[  622.545198][T16459]  ? __pfx_down_read_killable+0x10/0x10
[  622.545228][T16459]  ? __raw_spin_lock_init+0x3a/0x110
[  622.545269][T16459]  ? debug_mutex_init+0x37/0x70
[  622.545299][T16459]  copy_net_ns+0x2b4/0x6c0
[  622.545339][T16459]  create_new_namespaces+0x3ea/0xad0
[  622.545386][T16459]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  622.545429][T16459]  ksys_unshare+0x45d/0xa40
[  622.545456][T16459]  ? __pfx_ksys_unshare+0x10/0x10
[  622.545481][T16459]  ? xfd_validate_state+0x5d/0x180
[  622.545529][T16459]  __x64_sys_unshare+0x31/0x40
[  622.545557][T16459]  do_syscall_64+0xcd/0x250
[  622.545590][T16459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.545624][T16459] RIP: 0033:0x7f5e1978cde9
[  622.545646][T16459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  622.545670][T16459] RSP: 002b:00007f5e1a58c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  622.545695][T16459] RAX: ffffffffffffffda RBX: 00007f5e199a6080 RCX: 00007f5e1978cde9
[  622.545713][T16459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  622.545729][T16459] RBP: 00007f5e1980e2a0 R08: 0000000000000000 R09: 0000000000000000
[  622.545745][T16459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  622.545761][T16459] R13: 0000000000000000 R14: 00007f5e199a6080 R15: 00007ffd96c85ac8
[  622.545801][T16459]  </TASK>
[  622.828816][T16470] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2339'.
[  623.080544][T16470] FAULT_INJECTION: forcing a failure.
[  623.080544][T16470] name failslab, interval 1, probability 0, space 0, times 0
[  623.094590][T16470] CPU: 0 UID: 5 PID: 16470 Comm: syz.0.2339 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  623.094627][T16470] Tainted: [U]=USER
[  623.094635][T16470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  623.094647][T16470] Call Trace:
[  623.094656][T16470]  <TASK>
[  623.094666][T16470]  dump_stack_lvl+0x16c/0x1f0
[  623.094701][T16470]  should_fail_ex+0x50a/0x650
[  623.094746][T16470]  ? fs_reclaim_acquire+0xae/0x150
[  623.094779][T16470]  should_failslab+0xc2/0x120
[  623.094814][T16470]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  623.094847][T16470]  ? lockdep_init_map_type+0x16d/0x7d0
[  623.094881][T16470]  ? security_inode_alloc+0x3b/0x2b0
[  623.094912][T16470]  security_inode_alloc+0x3b/0x2b0
[  623.094938][T16470]  inode_init_always_gfp+0xce4/0x1030
[  623.094978][T16470]  alloc_inode+0x82/0x230
[  623.095001][T16470]  sock_alloc+0x40/0x280
[  623.095036][T16470]  __sock_create+0xc1/0x8d0
[  623.095061][T16470]  ? __pfx_lock_release+0x10/0x10
[  623.095095][T16470]  __sys_socket+0x14f/0x260
[  623.095120][T16470]  ? __pfx___sys_socket+0x10/0x10
[  623.095147][T16470]  ? do_user_addr_fault+0x83d/0x13f0
[  623.095182][T16470]  __x64_sys_socket+0x72/0xb0
[  623.095205][T16470]  ? lockdep_hardirqs_on+0x7c/0x110
[  623.095231][T16470]  do_syscall_64+0xcd/0x250
[  623.095260][T16470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.095292][T16470] RIP: 0033:0x7f0c8958ed07
[  623.095311][T16470] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.095335][T16470] RSP: 002b:00007f0c8a3e5fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  623.095357][T16470] RAX: ffffffffffffffda RBX: 00007f0c897a5fa0 RCX: 00007f0c8958ed07
[  623.095374][T16470] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  623.095389][T16470] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  623.095404][T16470] R10: 0000400000000040 R11: 0000000000000286 R12: 0000000000000000
[  623.095419][T16470] R13: 0000000000000000 R14: 00007f0c897a5fa0 R15: 00007ffdae0ca6b8
[  623.095448][T16470]  </TASK>
[  623.095502][T16470] socket: no more sockets
[  624.695003][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.702075][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  624.931496][T16495] Invalid ELF header magic: != ELF
[  626.798492][T16496] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2344'.
[  626.829850][T16496] ip_vti0: entered allmulticast mode
[  628.058883][T16541] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  628.084786][T16542] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  628.273026][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  628.285220][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  628.306400][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  628.316670][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  628.339686][ T5844] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  628.350518][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  628.367121][T15657] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.480354][T15657] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.569410][T15657] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.588008][T16543] chnl_net:caif_netlink_parms(): no params data found
[  628.645772][T15657] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.685305][T16543] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.693566][T16543] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.701703][T16543] bridge_slave_0: entered allmulticast mode
[  628.711632][T16543] bridge_slave_0: entered promiscuous mode
[  628.725142][T16543] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.736703][T16543] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.744775][T16543] bridge_slave_1: entered allmulticast mode
[  628.752093][T16543] bridge_slave_1: entered promiscuous mode
[  628.834071][T16543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  628.859189][T16543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  628.969861][T16543] team0: Port device team_slave_0 added
[  629.004178][T16543] team0: Port device team_slave_1 added
[  629.021270][T16558] FAULT_INJECTION: forcing a failure.
[  629.021270][T16558] name failslab, interval 1, probability 0, space 0, times 0
[  629.036550][T16558] CPU: 1 UID: 0 PID: 16558 Comm: syz.4.2356 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  629.036589][T16558] Tainted: [U]=USER
[  629.036598][T16558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  629.036610][T16558] Call Trace:
[  629.036618][T16558]  <TASK>
[  629.036628][T16558]  dump_stack_lvl+0x16c/0x1f0
[  629.036661][T16558]  should_fail_ex+0x50a/0x650
[  629.036700][T16558]  ? fs_reclaim_acquire+0xae/0x150
[  629.036733][T16558]  should_failslab+0xc2/0x120
[  629.036773][T16558]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  629.036809][T16558]  ? lockdep_init_map_type+0x16d/0x7d0
[  629.036844][T16558]  ? locks_get_lock_context+0x249/0x420
[  629.036885][T16558]  locks_get_lock_context+0x249/0x420
[  629.036915][T16558]  generic_setlease+0x5e9/0x1310
[  629.036944][T16558]  ? __pfx_lock_release+0x10/0x10
[  629.036983][T16558]  ? __pfx_generic_setlease+0x10/0x10
[  629.037021][T16558]  kernel_setlease+0x106/0x140
[  629.037051][T16558]  vfs_setlease+0x258/0x2d0
[  629.037082][T16558]  fcntl_setlease+0x3ee/0x5a0
[  629.037110][T16558]  ? __pfx_fcntl_setlease+0x10/0x10
[  629.037147][T16558]  ? __fget_files+0x1fc/0x3a0
[  629.037183][T16558]  do_fcntl+0x768/0x15b0
[  629.037207][T16558]  ? __pfx_do_fcntl+0x10/0x10
[  629.037238][T16558]  ? tomoyo_file_fcntl+0x6c/0xc0
[  629.037278][T16558]  __x64_sys_fcntl+0x170/0x200
[  629.037307][T16558]  do_syscall_64+0xcd/0x250
[  629.037339][T16558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.037372][T16558] RIP: 0033:0x7f05c0d8cde9
[  629.037393][T16558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.037416][T16558] RSP: 002b:00007f05c1b94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  629.037439][T16558] RAX: ffffffffffffffda RBX: 00007f05c0fa6080 RCX: 00007f05c0d8cde9
[  629.037456][T16558] RDX: 9ec0000000000000 RSI: 0000000000000400 RDI: 0000000000000003
[  629.037471][T16558] RBP: 00007f05c0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  629.037487][T16558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  629.037502][T16558] R13: 0000000000000000 R14: 00007f05c0fa6080 R15: 00007ffdb56b91f8
[  629.037533][T16558]  </TASK>
[  629.280536][    C1] vkms_vblank_simulate: vblank timer overrun
[  629.293999][T16543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  629.301774][T16543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  629.550576][T16543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  629.580754][T15657] gretap0: left allmulticast mode
[  629.601144][T15657] gretap0: left promiscuous mode
[  629.614763][T15657] bridge0: port 3(gretap0) entered disabled state
[  629.642957][T15657] bridge_slave_1: left allmulticast mode
[  629.663172][T15657] bridge_slave_1: left promiscuous mode
[  629.669475][T15657] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.720863][T15657] bridge_slave_0: left allmulticast mode
[  629.764353][T15657] bridge_slave_0: left promiscuous mode
[  629.770646][T15657] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.310426][T16543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  630.322965][T16543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.385946][ T5844] Bluetooth: hci3: command tx timeout
[  630.435837][T16543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  630.679697][T16543] hsr_slave_0: entered promiscuous mode
[  630.693453][T16543] hsr_slave_1: entered promiscuous mode
[  630.745825][T16543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  630.791459][T16543] Cannot create hsr debugfs directory
[  631.118010][T16608] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  632.472278][ T5844] Bluetooth: hci3: command tx timeout
[  633.301339][T16543] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  633.385697][T16543] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  633.497461][T16670] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  633.572021][T16543] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  633.597486][T16543] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  634.205116][T16543] 8021q: adding VLAN 0 to HW filter on device bond0
[  634.318515][T16543] 8021q: adding VLAN 0 to HW filter on device team0
[  634.545754][ T5844] Bluetooth: hci3: command tx timeout
[  634.778166][ T7761] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.786040][ T7761] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.882327][T15656] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.890270][T15656] bridge0: port 2(bridge_slave_1) entered forwarding state
[  635.201107][T16700] zswap: compressor  not available
[  635.704831][T15657] hsr_slave_0: left promiscuous mode
[  635.753574][T15657] hsr_slave_1: left promiscuous mode
[  635.776920][T15657] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  635.785345][T15657] batman_adv: batadv0: Removing interface: batadv_slave_0
[  635.905837][T15657] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  635.937176][T15657] batman_adv: batadv0: Removing interface: batadv_slave_1
[  636.052794][T15657] veth0_macvtap: left promiscuous mode
[  636.100024][T15657] veth1_vlan: left promiscuous mode
[  636.105900][T15657] veth0_vlan: left promiscuous mode
[  636.112287][T16725] sctp: [Deprecated]: syz.6.2383 (pid 16725) Use of struct sctp_assoc_value in delayed_ack socket option.
[  636.112287][T16725] Use struct sctp_sack_info instead
[  636.616883][ T5844] Bluetooth: hci3: command tx timeout
[  637.980311][T16751] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  638.438226][T15657] team0 (unregistering): Port device team_slave_1 removed
[  638.566532][T15657] team0 (unregistering): Port device team_slave_0 removed
[  640.084667][T16543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  640.647392][T16543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  640.791068][T16543] veth0_vlan: entered promiscuous mode
[  640.822881][T16543] veth1_vlan: entered promiscuous mode
[  640.930043][T16543] veth0_macvtap: entered promiscuous mode
[  640.964929][T16543] veth1_macvtap: entered promiscuous mode
[  641.014737][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.056901][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.079253][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.099975][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.120226][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.144339][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.178707][T16543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  641.197279][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  641.218980][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.230375][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  641.245807][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.267244][T16543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  641.283831][T16543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.317621][T16543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  641.360397][T16543] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  641.383761][T16543] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  641.411856][T16543] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  641.425363][T16543] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  641.796246][T16692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  641.838053][T16692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  641.957253][T16692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  641.987125][T16692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.296011][T16805] ptrace attach of "./syz-executor exec"[15947] was attempted by "./syz-executor exec"[16805]
[  642.897098][T16793] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  642.959857][T16793] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  642.967976][T16793] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  643.053447][T16793] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  643.144555][T16793] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  643.291216][T16793] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  643.310353][T16793] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  643.352613][T16793] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  644.060546][ T5844] Bluetooth: hci2: command 0x0406 tx timeout
[  645.021016][ T5844] Bluetooth: hci4: command 0x0c1a tx timeout
[  645.024531][T15927] Bluetooth: hci1: command 0x0c1a tx timeout
[  645.351110][T15927] Bluetooth: hci3: command 0x0c1a tx timeout
[  646.284338][T16859] netlink: 1204 bytes leftover after parsing attributes in process `syz.6.2410'.
[  646.374170][T16859] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2410'.
[  647.104071][T15927] Bluetooth: hci4: command 0x0c1a tx timeout
[  647.422251][T15927] Bluetooth: hci3: command 0x0c1a tx timeout
[  647.621793][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.646009][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.725728][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.812255][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.872419][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.881184][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  647.947132][T16875] netlink: 'syz.6.2413': attribute type 11 has an invalid length.
[  648.865556][T16886] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2416'.
[  649.183075][T15927] Bluetooth: hci4: command 0x0c1a tx timeout
[  649.503464][T15927] Bluetooth: hci3: command 0x0c1a tx timeout
[  651.823567][   T29] audit: type=1800 audit(60508.638:32): pid=16951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2429" name="lu_gp_id" dev="configfs" ino=69480 res=0 errno=0
[  652.744993][T16968] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2436'.

syzkaller
syzkaller login: [  654.378677][T16994] can: request_module (can-proto-0) failed.
[  655.547628][T17024] netlink: 338 bytes leftover after parsing attributes in process `syz.6.2449'.
[  656.801164][T17052] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2456'.
[  657.003241][T17058] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2458'.
[  657.171436][T17058] macsec0: entered promiscuous mode
[  657.185466][T17063] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2459'.
[  657.310317][T17060] zswap: compressor  not available
[  657.325887][T17058] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[  657.601347][   T29] audit: type=1326 audit(60517.415:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17069 comm="syz.4.2460" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f05c0d8cde9 code=0x0
[  657.675451][T17075] Process accounting resumed
[  658.459657][T17099] snd_aloop snd_aloop.0: control 4365:65536:6:é'x?F�¢é/èìzFË·fC�ªáª:0 is already present
[  658.670086][T17107] netlink: 338 bytes leftover after parsing attributes in process `syz.6.2469'.
[  658.896416][T17121] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  659.761055][T17135] kAFS: unparsable volume name
[  660.808138][   T11] bridge_slave_1: left allmulticast mode
[  660.815033][   T11] bridge_slave_1: left promiscuous mode
[  660.833153][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.872849][   T11] bridge_slave_0: left allmulticast mode
[  660.889121][   T11] bridge_slave_0: left promiscuous mode
[  660.900908][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  660.908460][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  660.920794][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.434110][T17156] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2479'.
[  661.810181][T17168] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2482'.
[  662.000220][T17176] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2483'.
[  662.034356][T17177] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(4294967289.4294967295.1), cmd(5)
[  662.109239][T17183] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  662.397439][T17187] ima: policy update failed
[  662.402669][   T29] audit: type=1802 audit(4295027818.216:34): pid=17187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2486" res=0 errno=0
[  662.711806][T17198] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2490'.
[  663.504835][T17209] ptrace attach of "./syz-executor exec"[17221] was attempted by "./syz-executor exec"[17209]
[  663.975609][   T11] hsr_slave_0: left promiscuous mode
[  664.019112][   T11] hsr_slave_1: left promiscuous mode
[  664.038383][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  664.063983][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  664.083883][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  664.100811][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  664.160234][   T11] veth1_macvtap: left promiscuous mode
[  664.177197][   T11] veth1_vlan: left promiscuous mode
[  664.188779][   T11] veth0_vlan: left promiscuous mode
[  664.780404][T17250] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  665.221388][   T11] team0 (unregistering): Port device team_slave_1 removed
[  665.340415][   T11] team0 (unregistering): Port device team_slave_0 removed
[  665.803123][T17265] nbd: must specify at least one socket
[  665.813977][T17265] FAULT_INJECTION: forcing a failure.
[  665.813977][T17265] name failslab, interval 1, probability 0, space 0, times 0
[  665.828483][T17265] CPU: 1 UID: 0 PID: 17265 Comm: syz.6.2505 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  665.828520][T17265] Tainted: [U]=USER
[  665.828528][T17265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  665.828543][T17265] Call Trace:
[  665.828551][T17265]  <TASK>
[  665.828560][T17265]  dump_stack_lvl+0x16c/0x1f0
[  665.828595][T17265]  should_fail_ex+0x50a/0x650
[  665.828631][T17265]  ? fs_reclaim_acquire+0xae/0x150
[  665.828663][T17265]  ? __register_sysctl_table+0xeaf/0x1910
[  665.828697][T17265]  should_failslab+0xc2/0x120
[  665.828732][T17265]  __kmalloc_noprof+0xcb/0x510
[  665.828773][T17265]  __register_sysctl_table+0xeaf/0x1910
[  665.828818][T17265]  ? __pfx___register_sysctl_table+0x10/0x10
[  665.828853][T17265]  ? is_module_address+0x2a/0x50
[  665.828886][T17265]  ? register_net_sysctl_sz+0x228/0x3e0
[  665.828912][T17265]  ? __asan_memcpy+0x3c/0x60
[  665.828944][T17265]  mptcp_net_init+0x44e/0x5d0
[  665.828981][T17265]  ? __pfx_mptcp_net_init+0x10/0x10
[  665.829014][T17265]  ops_init+0x1df/0x5f0
[  665.829064][T17265]  setup_net+0x21f/0x860
[  665.829103][T17265]  ? __pfx_setup_net+0x10/0x10
[  665.829137][T17265]  ? down_read_killable+0xcc/0x380
[  665.829170][T17265]  ? __pfx_down_read_killable+0x10/0x10
[  665.829202][T17265]  ? __raw_spin_lock_init+0x3a/0x110
[  665.829242][T17265]  ? debug_mutex_init+0x37/0x70
[  665.829272][T17265]  copy_net_ns+0x2b4/0x6c0
[  665.829312][T17265]  create_new_namespaces+0x3ea/0xad0
[  665.829360][T17265]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  665.829400][T17265]  ksys_unshare+0x45d/0xa40
[  665.829425][T17265]  ? __pfx_ksys_unshare+0x10/0x10
[  665.829452][T17265]  ? xfd_validate_state+0x5d/0x180
[  665.829497][T17265]  __x64_sys_unshare+0x31/0x40
[  665.829522][T17265]  do_syscall_64+0xcd/0x250
[  665.829553][T17265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.829586][T17265] RIP: 0033:0x7f242378cde9
[  665.829607][T17265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  665.829633][T17265] RSP: 002b:00007f242465a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  665.829656][T17265] RAX: ffffffffffffffda RBX: 00007f24239a5fa0 RCX: 00007f242378cde9
[  665.829672][T17265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  665.829684][T17265] RBP: 00007f242380e2a0 R08: 0000000000000000 R09: 0000000000000000
[  665.829695][T17265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  665.829706][T17265] R13: 0000000000000000 R14: 00007f24239a5fa0 R15: 00007ffeb07cd438
[  665.829739][T17265]  </TASK>
[  665.829832][T17265] sysctl could not get directory: 
[  666.017870][T17265] /net/mptcp -12
[  666.854750][T17269] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[  667.823073][T17292] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  669.545721][T17320] erspan0: entered allmulticast mode
[  670.867746][T17336] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  670.890496][T17336] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  670.914131][T17336] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  670.925689][T17336] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  670.936255][T17343] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  672.151150][T15927] Bluetooth: hci2: command 0x0406 tx timeout
[  672.946205][T15927] Bluetooth: hci3: command 0x0c1a tx timeout
[  672.952860][T15927] Bluetooth: hci4: command 0x0c1a tx timeout
[  672.959723][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  673.288254][   T29] audit: type=1800 audit(4295027829.106:35): pid=17403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2537" name="discovery_nqn" dev="configfs" ino=72274 res=0 errno=0
[  675.491915][T17419] Process accounting resumed
[  675.740460][T17452] FAULT_INJECTION: forcing a failure.
[  675.740460][T17452] name failslab, interval 1, probability 0, space 0, times 0
[  675.785850][T17452] CPU: 0 UID: 0 PID: 17452 Comm: syz.6.2547 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  675.785889][T17452] Tainted: [U]=USER
[  675.785899][T17452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  675.785913][T17452] Call Trace:
[  675.785922][T17452]  <TASK>
[  675.785932][T17452]  dump_stack_lvl+0x16c/0x1f0
[  675.785970][T17452]  should_fail_ex+0x50a/0x650
[  675.786008][T17452]  ? fs_reclaim_acquire+0xae/0x150
[  675.786048][T17452]  should_failslab+0xc2/0x120
[  675.786088][T17452]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  675.786126][T17452]  ? irqentry_exit+0x3b/0x90
[  675.786154][T17452]  ? alloc_inode+0xbf/0x230
[  675.786181][T17452]  alloc_inode+0xbf/0x230
[  675.786205][T17452]  alloc_anon_inode+0x28/0x3e0
[  675.786241][T17452]  __anon_inode_getfile+0x1ec/0x370
[  675.786280][T17452]  io_uring_setup+0x15a3/0x2200
[  675.786320][T17452]  ? __pfx_io_uring_setup+0x10/0x10
[  675.786354][T17452]  ? __sys_connect+0xf2/0x170
[  675.786399][T17452]  ? syscall_user_dispatch+0x7a/0x130
[  675.786443][T17452]  __x64_sys_io_uring_setup+0x98/0x140
[  675.786471][T17452]  do_syscall_64+0xcd/0x250
[  675.786501][T17452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.786536][T17452] RIP: 0033:0x7f242378cde9
[  675.786557][T17452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  675.786581][T17452] RSP: 002b:00007f242465a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  675.786605][T17452] RAX: ffffffffffffffda RBX: 00007f24239a5fa0 RCX: 00007f242378cde9
[  675.786622][T17452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  675.786638][T17452] RBP: 00007f242380e2a0 R08: 0000000000000000 R09: 0000000000000000
[  675.786653][T17452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  675.786669][T17452] R13: 0000000000000000 R14: 00007f24239a5fa0 R15: 00007ffeb07cd438
[  675.786702][T17452]  </TASK>
[  676.018667][T17452] bridge0: port 3(netdevsim2) entered blocking state
[  676.026149][T17452] bridge0: port 3(netdevsim2) entered disabled state
[  676.033679][T17452] netdevsim netdevsim6 netdevsim2: entered allmulticast mode
[  676.043116][T17452] netdevsim netdevsim6 netdevsim2: entered promiscuous mode
[  676.051679][T17452] bridge0: port 3(netdevsim2) entered blocking state
[  676.059141][T17452] bridge0: port 3(netdevsim2) entered forwarding state
[  676.459344][T17461] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2549'.
[  676.559223][T17463] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2549'.
[  677.473829][T17484] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2555'.
[  677.829408][T17492] FAULT_INJECTION: forcing a failure.
[  677.829408][T17492] name failslab, interval 1, probability 0, space 0, times 0
[  677.885611][T17492] CPU: 1 UID: 0 PID: 17492 Comm: syz.0.2558 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  677.885646][T17492] Tainted: [U]=USER
[  677.885654][T17492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  677.885667][T17492] Call Trace:
[  677.885674][T17492]  <TASK>
[  677.885683][T17492]  dump_stack_lvl+0x16c/0x1f0
[  677.885716][T17492]  should_fail_ex+0x50a/0x650
[  677.885751][T17492]  ? fs_reclaim_acquire+0xae/0x150
[  677.885784][T17492]  should_failslab+0xc2/0x120
[  677.885820][T17492]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  677.885855][T17492]  ? __kernfs_new_node+0xd3/0x890
[  677.885892][T17492]  __kernfs_new_node+0xd3/0x890
[  677.885927][T17492]  ? __pfx___kernfs_new_node+0x10/0x10
[  677.885957][T17492]  ? __pfx_lock_release+0x10/0x10
[  677.885988][T17492]  ? kernfs_add_one+0x39d/0x520
[  677.886026][T17492]  ? lock_acquire.part.0+0x11b/0x380
[  677.886057][T17492]  ? find_held_lock+0x2d/0x110
[  677.886100][T17492]  kernfs_new_node+0x186/0x240
[  677.886139][T17492]  kernfs_create_link+0xcc/0x240
[  677.886168][T17492]  sysfs_do_create_link_sd+0x90/0x140
[  677.886201][T17492]  sysfs_create_link+0x61/0xc0
[  677.886230][T17492]  driver_sysfs_add+0x112/0x2d0
[  677.886258][T17492]  device_bind_driver+0x16/0x70
[  677.886284][T17492]  mac80211_hwsim_new_radio+0x3e7/0x54e0
[  677.886333][T17492]  ? __asan_memset+0x23/0x50
[  677.886364][T17492]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  677.886407][T17492]  hwsim_new_radio_nl+0xb42/0x12b0
[  677.886447][T17492]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  677.886489][T17492]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  677.886524][T17492]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  677.886567][T17492]  genl_family_rcv_msg_doit+0x202/0x2f0
[  677.886602][T17492]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  677.886638][T17492]  ? trace_cap_capable+0x1a2/0x210
[  677.886672][T17492]  ? bpf_lsm_capable+0x9/0x10
[  677.886696][T17492]  ? security_capable+0x7e/0x260
[  677.886733][T17492]  ? ns_capable+0xd7/0x110
[  677.886770][T17492]  genl_rcv_msg+0x565/0x800
[  677.886806][T17492]  ? __pfx_genl_rcv_msg+0x10/0x10
[  677.886839][T17492]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  677.886879][T17492]  netlink_rcv_skb+0x16b/0x440
[  677.886907][T17492]  ? __pfx_genl_rcv_msg+0x10/0x10
[  677.886942][T17492]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  677.886985][T17492]  ? down_read+0xc9/0x330
[  677.887013][T17492]  ? __pfx_down_read+0x10/0x10
[  677.887043][T17492]  ? netlink_deliver_tap+0x1ae/0xd30
[  677.887083][T17492]  genl_rcv+0x28/0x40
[  677.887109][T17492]  netlink_unicast+0x53c/0x7f0
[  677.887143][T17492]  ? __pfx_netlink_unicast+0x10/0x10
[  677.887173][T17492]  ? __phys_addr_symbol+0x30/0x80
[  677.887197][T17492]  ? __check_object_size+0x488/0x710
[  677.887226][T17492]  netlink_sendmsg+0x8b8/0xd70
[  677.887261][T17492]  ? __pfx_netlink_sendmsg+0x10/0x10
[  677.887305][T17492]  ____sys_sendmsg+0xaaf/0xc90
[  677.887329][T17492]  ? copy_msghdr_from_user+0x10b/0x160
[  677.887361][T17492]  ? __pfx_____sys_sendmsg+0x10/0x10
[  677.887402][T17492]  ___sys_sendmsg+0x135/0x1e0
[  677.887435][T17492]  ? __pfx____sys_sendmsg+0x10/0x10
[  677.887482][T17492]  ? __pfx_lock_release+0x10/0x10
[  677.887511][T17492]  ? trace_lock_acquire+0x14e/0x1f0
[  677.887550][T17492]  ? __fget_files+0x206/0x3a0
[  677.887592][T17492]  __sys_sendmsg+0x16e/0x220
[  677.887625][T17492]  ? __pfx___sys_sendmsg+0x10/0x10
[  677.887655][T17492]  ? __x64_sys_futex+0x1e1/0x4c0
[  677.887706][T17492]  do_syscall_64+0xcd/0x250
[  677.887736][T17492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.887769][T17492] RIP: 0033:0x7f0c8958cde9
[  677.887789][T17492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.887811][T17492] RSP: 002b:00007f0c8a3e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  677.887834][T17492] RAX: ffffffffffffffda RBX: 00007f0c897a5fa0 RCX: 00007f0c8958cde9
[  677.887851][T17492] RDX: 0000000004044820 RSI: 00004000000002c0 RDI: 0000000000000005
[  677.887866][T17492] RBP: 00007f0c8960e2a0 R08: 0000000000000000 R09: 0000000000000000
[  677.887880][T17492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  677.887894][T17492] R13: 0000000000000000 R14: 00007f0c897a5fa0 R15: 00007ffdae0ca6b8
[  677.887928][T17492]  </TASK>
[  678.042908][T17498] FAULT_INJECTION: forcing a failure.
[  678.042908][T17498] name fail_futex, interval 1, probability 0, space 0, times 0
[  678.407111][T17498] CPU: 0 UID: 0 PID: 17498 Comm: syz.4.2559 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  678.407149][T17498] Tainted: [U]=USER
[  678.407156][T17498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  678.407169][T17498] Call Trace:
[  678.407177][T17498]  <TASK>
[  678.407187][T17498]  dump_stack_lvl+0x16c/0x1f0
[  678.407219][T17498]  should_fail_ex+0x50a/0x650
[  678.407258][T17498]  get_futex_key+0x4a3/0x1000
[  678.407284][T17498]  ? __pfx_lock_release+0x10/0x10
[  678.407317][T17498]  ? __pfx_get_futex_key+0x10/0x10
[  678.407343][T17498]  ? dl_scaled_delta_exec+0xdd/0x2e0
[  678.407371][T17498]  ? find_held_lock+0x2d/0x110
[  678.407398][T17498]  futex_wait_setup+0x78/0x290
[  678.407437][T17498]  __futex_wait+0x267/0x3c0
[  678.407471][T17498]  ? __pfx___futex_wait+0x10/0x10
[  678.407504][T17498]  ? try_to_wake_up+0x158/0x1490
[  678.407536][T17498]  ? __pfx_futex_wake_mark+0x10/0x10
[  678.407577][T17498]  futex_wait+0xe9/0x380
[  678.407603][T17498]  ? __pfx_futex_wait+0x10/0x10
[  678.407635][T17498]  ? __pfx___lock_acquire+0x10/0x10
[  678.407658][T17498]  ? __raw_spin_lock_init+0x3a/0x110
[  678.407693][T17498]  do_futex+0x22b/0x350
[  678.407715][T17498]  ? __pfx_do_futex+0x10/0x10
[  678.407750][T17498]  ? fd_install+0x223/0x750
[  678.407778][T17498]  __x64_sys_futex+0x1e1/0x4c0
[  678.407804][T17498]  ? __pfx___x64_sys_futex+0x10/0x10
[  678.407836][T17498]  do_syscall_64+0xcd/0x250
[  678.407860][T17498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.407886][T17498] RIP: 0033:0x7f05c0d8cde9
[  678.407902][T17498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.407920][T17498] RSP: 002b:00007f05c1b730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  678.407938][T17498] RAX: ffffffffffffffda RBX: 00007f05c0fa6168 RCX: 00007f05c0d8cde9
[  678.407951][T17498] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f05c0fa6168
[  678.407962][T17498] RBP: 00007f05c0fa6160 R08: 0000000000000000 R09: 0000000000000000
[  678.407974][T17498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f05c0fa616c
[  678.407986][T17498] R13: 0000000000000000 R14: 00007ffdb56b9110 R15: 00007ffdb56b91f8
[  678.408009][T17498]  </TASK>
[  679.091938][T17527] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2565'.
[  680.715246][T17553] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2569'.
[  680.764755][T17553] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  680.764804][T17553] batman_adv: batadv0: Removing interface: batadv_slave_0
[  680.765895][T17553] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  680.765921][T17553] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.431336][T17589] HfR: entered promiscuous mode
[  683.033552][T17593] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  683.048181][T17593] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  683.075759][T17593] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  683.097305][T17593] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  683.309404][T17612] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2584'.
[  683.347840][T17612] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  684.191816][T17611] delete_channel: no stack
[  684.545697][T15927] Bluetooth: hci2: command 0x0406 tx timeout
[  685.105758][T15927] Bluetooth: hci3: command 0x0c1a tx timeout
[  685.112474][ T5844] Bluetooth: hci4: command 0x0c1a tx timeout
[  685.119513][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout
[  686.149698][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  686.156942][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  687.660518][T17704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2598'.
[  687.778248][T17708] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2599'.
[  689.037169][T17728] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  689.584256][T15927] Bluetooth: hci4: unexpected subevent 0x04 length: 122 > 11
[  690.383527][T17744] netlink: 'syz.6.2607': attribute type 2 has an invalid length.
[  690.462539][T17744] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2607'.
[  691.111871][   T29] audit: type=1800 audit(4295027854.930:36): pid=17747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2608" name="features" dev="configfs" ino=73374 res=0 errno=0
[  692.186785][T17761] futex_wake_op: syz.4.2619 tries to shift op by 64; fix this program
[  693.498270][T17788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2617'.
[  693.570442][T17790] ubi0: detaching mtd0
[  693.613366][T17790] ubi0: mtd0 is detached
[  695.091812][T17806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2622'.
[  696.533106][T17813] FAULT_INJECTION: forcing a failure.
[  696.533106][T17813] name failslab, interval 1, probability 0, space 0, times 0
[  696.620437][T17813] CPU: 1 UID: 0 PID: 17813 Comm: syz.0.2625 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  696.620478][T17813] Tainted: [U]=USER
[  696.620488][T17813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  696.620502][T17813] Call Trace:
[  696.620511][T17813]  <TASK>
[  696.620521][T17813]  dump_stack_lvl+0x16c/0x1f0
[  696.620557][T17813]  should_fail_ex+0x50a/0x650
[  696.620597][T17813]  ? fs_reclaim_acquire+0xae/0x150
[  696.620630][T17813]  should_failslab+0xc2/0x120
[  696.620665][T17813]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  696.620699][T17813]  ? __alloc_skb+0x2b1/0x380
[  696.620729][T17813]  __alloc_skb+0x2b1/0x380
[  696.620755][T17813]  ? __pfx___alloc_skb+0x10/0x10
[  696.620788][T17813]  ? __pfx___register_sysctl_table+0x10/0x10
[  696.620821][T17813]  ? is_module_address+0x2a/0x50
[  696.620864][T17813]  inet_netconf_notify_devconf+0x8b/0x1f0
[  696.620899][T17813]  __devinet_sysctl_register+0x223/0x360
[  696.620933][T17813]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  696.620959][T17813]  ? trace_kmalloc+0x2d/0xd0
[  696.620987][T17813]  ? devinet_init_net+0xeb/0x900
[  696.621015][T17813]  ? __asan_memcpy+0x3c/0x60
[  696.621042][T17813]  ? __pfx_devinet_init_net+0x10/0x10
[  696.621068][T17813]  devinet_init_net+0x347/0x900
[  696.621094][T17813]  ? __pfx_devinet_init_net+0x10/0x10
[  696.621120][T17813]  ops_init+0x1df/0x5f0
[  696.621153][T17813]  setup_net+0x21f/0x860
[  696.621187][T17813]  ? __pfx_setup_net+0x10/0x10
[  696.621214][T17813]  ? down_read_killable+0xcc/0x380
[  696.621245][T17813]  ? __pfx_down_read_killable+0x10/0x10
[  696.621273][T17813]  ? __raw_spin_lock_init+0x3a/0x110
[  696.621310][T17813]  ? debug_mutex_init+0x37/0x70
[  696.621338][T17813]  copy_net_ns+0x2b4/0x6c0
[  696.621374][T17813]  create_new_namespaces+0x3ea/0xad0
[  696.621420][T17813]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  696.621459][T17813]  ksys_unshare+0x45d/0xa40
[  696.621484][T17813]  ? __pfx_ksys_unshare+0x10/0x10
[  696.621506][T17813]  ? xfd_validate_state+0x5d/0x180
[  696.621550][T17813]  __x64_sys_unshare+0x31/0x40
[  696.621574][T17813]  do_syscall_64+0xcd/0x250
[  696.621606][T17813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.621637][T17813] RIP: 0033:0x7f0c8958cde9
[  696.621657][T17813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  696.621681][T17813] RSP: 002b:00007f0c8a3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  696.621704][T17813] RAX: ffffffffffffffda RBX: 00007f0c897a5fa0 RCX: 00007f0c8958cde9
[  696.621720][T17813] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  696.621754][T17813] RBP: 00007f0c8960e2a0 R08: 0000000000000000 R09: 0000000000000000
[  696.621768][T17813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  696.621782][T17813] R13: 0000000000000000 R14: 00007f0c897a5fa0 R15: 00007ffdae0ca6b8
[  696.621813][T17813]  </TASK>
[  697.142927][T17823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2626'.
[  700.583732][T17867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  700.658944][T17867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  700.755806][T17867] memcg:ffff88803126fa01
[  700.780926][T17867] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  700.822216][T17867] page_type: f5(slab)
[  700.855795][T17867] raw: 00fff00000000040 ffff88801b04fdc0 ffffea0000e60f00 dead000000000004
[  700.954069][T17867] raw: 0000000000000000 0000000000170017 00000000f5000000 ffff88803126fa01
[  701.000216][T17867] head: 00fff00000000040 ffff88801b04fdc0 ffffea0000e60f00 dead000000000004
[  701.028279][T17867] head: 0000000000000000 0000000000170017 00000000f5000000 ffff88803126fa01
[  701.133713][T17867] head: 00fff00000000002 ffffea0001e00201 ffffffffffffffff 0000000000000000
[  701.178813][T17867] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  701.251771][T17894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  701.285781][T17867] page dumped because: unmovable page
[  701.291166][T17881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2636'.
[  701.291727][T17867] page_owner tracks the page as allocated
[  701.445696][T17867] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x52810(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_RECLAIMABLE), pid 6148, tgid 6148 (syz.2.56), ts 93025604405, free_ts 84996664363
[  701.525656][T17867]  post_alloc_hook+0x181/0x1b0
[  701.555678][T17867]  get_page_from_freelist+0xfce/0x2f80
[  701.935591][T17867]  __alloc_frozen_pages_noprof+0x221/0x2470
[  701.955827][T17867]  alloc_pages_mpol+0x1fc/0x540
[  701.977888][T17867]  new_slab+0x23d/0x330
[  701.982531][T17867]  ___slab_alloc+0xc5d/0x1720
[  701.998117][T17867]  __slab_alloc.constprop.0+0x56/0xb0
[  702.024840][T17867]  kmem_cache_alloc_lru_noprof+0xff/0x3d0
[  702.041571][T17867]  xas_alloc+0x34f/0x460
[  702.061805][T17867]  xas_create+0x72b/0x1460
[  702.073964][T17867]  xas_store+0x8b/0x1930
[  702.085527][T17867]  shmem_add_to_page_cache+0x66a/0x9b0
[  702.096650][T17867]  shmem_alloc_and_add_folio+0x662/0xc10
[  702.113152][T17867]  shmem_get_folio_gfp+0x689/0x1530
[  702.121660][T17867]  shmem_write_begin+0x161/0x300
[  702.136237][T17867]  generic_perform_write+0x2ba/0x920
[  702.152387][T17867] page last free pid 5210 tgid 5210 stack trace:
[  702.168216][T17867]  free_frozen_pages+0x6db/0xfb0
[  702.183992][T17867]  __put_partials+0x14c/0x170
[  702.194122][T17867]  qlist_free_all+0x4e/0x120
[  702.204252][T17867]  kasan_quarantine_reduce+0x195/0x1e0
[  702.224214][T17867]  __kasan_slab_alloc+0x69/0x90
[  702.238295][T17867]  kmem_cache_alloc_noprof+0x226/0x3d0
[  702.254901][T17867]  getname_flags.part.0+0x4c/0x550
[  702.265019][T17867]  getname_flags+0x93/0xf0
[  702.285315][T17867]  do_readlinkat+0xb5/0x390
[  702.295467][T17867]  __x64_sys_readlink+0x78/0xc0
[  702.301008][T17867]  do_syscall_64+0xcd/0x250
[  702.329792][T17867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.751729][T17926] ptrace attach of "./syz-executor exec"[16543] was attempted by "./syz-executor exec"[17926]
[  702.777312][T17931] FAULT_INJECTION: forcing a failure.
[  702.777312][T17931] name failslab, interval 1, probability 0, space 0, times 0
[  702.798588][T17931] CPU: 1 UID: 0 PID: 17931 Comm: syz.4.2643 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  702.798627][T17931] Tainted: [U]=USER
[  702.798637][T17931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  702.798652][T17931] Call Trace:
[  702.798660][T17931]  <TASK>
[  702.798670][T17931]  dump_stack_lvl+0x16c/0x1f0
[  702.798706][T17931]  should_fail_ex+0x50a/0x650
[  702.798743][T17931]  ? fs_reclaim_acquire+0xae/0x150
[  702.798779][T17931]  should_failslab+0xc2/0x120
[  702.798816][T17931]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  702.798854][T17931]  ? security_inode_alloc+0x3b/0x2b0
[  702.798886][T17931]  security_inode_alloc+0x3b/0x2b0
[  702.798915][T17931]  inode_init_always_gfp+0xce4/0x1030
[  702.798955][T17931]  alloc_inode+0x82/0x230
[  702.798979][T17931]  new_inode+0x22/0x210
[  702.799006][T17931]  hugetlbfs_get_inode+0x358/0x740
[  702.799037][T17931]  hugetlb_file_setup+0x15b/0x620
[  702.799066][T17931]  ksys_mmap_pgoff+0x189/0x5c0
[  702.799103][T17931]  __x64_sys_mmap+0x125/0x190
[  702.799142][T17931]  do_syscall_64+0xcd/0x250
[  702.799175][T17931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.799208][T17931] RIP: 0033:0x7f05c0d8cde9
[  702.799229][T17931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.799253][T17931] RSP: 002b:00007f05c1bb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  702.799277][T17931] RAX: ffffffffffffffda RBX: 00007f05c0fa5fa0 RCX: 00007f05c0d8cde9
[  702.799295][T17931] RDX: 00004000000000df RSI: 0000000000000008 RDI: 0000000000000000
[  702.799311][T17931] RBP: 00007f05c0e0e2a0 R08: 0000000000000006 R09: 0000300000000000
[  702.799327][T17931] R10: 0000000000044eb1 R11: 0000000000000246 R12: 0000000000000000
[  702.799342][T17931] R13: 0000000000000000 R14: 00007f05c0fa5fa0 R15: 00007ffdb56b91f8
[  702.799373][T17931]  </TASK>
[  703.491234][T17945] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2645'.
[  704.024614][T17957] Invalid ELF header magic: != ELF
[  704.421269][T17975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2652'.
[  704.432577][T17973] FAULT_INJECTION: forcing a failure.
[  704.432577][T17973] name failslab, interval 1, probability 0, space 0, times 0
[  704.470155][T17973] CPU: 1 UID: 0 PID: 17973 Comm: syz.0.2651 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  704.470196][T17973] Tainted: [U]=USER
[  704.470205][T17973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  704.470220][T17973] Call Trace:
[  704.470227][T17973]  <TASK>
[  704.470238][T17973]  dump_stack_lvl+0x16c/0x1f0
[  704.470273][T17973]  should_fail_ex+0x50a/0x650
[  704.470313][T17973]  ? fs_reclaim_acquire+0xae/0x150
[  704.470348][T17973]  should_failslab+0xc2/0x120
[  704.470399][T17973]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  704.470439][T17973]  ? alloc_empty_file+0x73/0x1e0
[  704.470470][T17973]  alloc_empty_file+0x73/0x1e0
[  704.470498][T17973]  alloc_file_pseudo+0x13b/0x230
[  704.470526][T17973]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  704.470555][T17973]  ? hugetlbfs_get_inode+0x323/0x740
[  704.470587][T17973]  hugetlb_file_setup+0x4cd/0x620
[  704.470615][T17973]  ksys_mmap_pgoff+0x189/0x5c0
[  704.470653][T17973]  __x64_sys_mmap+0x125/0x190
[  704.470692][T17973]  do_syscall_64+0xcd/0x250
[  704.470725][T17973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.470759][T17973] RIP: 0033:0x7f0c8958cde9
[  704.470779][T17973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  704.470803][T17973] RSP: 002b:00007f0c8a3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  704.470828][T17973] RAX: ffffffffffffffda RBX: 00007f0c897a5fa0 RCX: 00007f0c8958cde9
[  704.470846][T17973] RDX: 0000000000000002 RSI: 0000000000200006 RDI: 0000000000000000
[  704.470862][T17973] RBP: 00007f0c8960e2a0 R08: 0000000000000602 R09: 0000300000000000
[  704.470878][T17973] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  704.470894][T17973] R13: 0000000000000000 R14: 00007f0c897a5fa0 R15: 00007ffdae0ca6b8
[  704.470926][T17973]  </TASK>
[  705.722221][T17992] Process accounting paused
[  706.317048][T18000] blktrace: Concurrent blktraces are not allowed on sg0
[  706.838155][T18013] snd_virmidi snd_virmidi.0: control 2097160:131079:3:Æ[M<8Çmgx­Ž¬<Ú5Cî0S:0 is already present
[  707.602682][T18027] FAULT_INJECTION: forcing a failure.
[  707.602682][T18027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  707.675592][T18027] CPU: 1 UID: 0 PID: 18027 Comm: syz.0.2664 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  707.675631][T18027] Tainted: [U]=USER
[  707.675639][T18027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  707.675653][T18027] Call Trace:
[  707.675660][T18027]  <TASK>
[  707.675670][T18027]  dump_stack_lvl+0x16c/0x1f0
[  707.675704][T18027]  should_fail_ex+0x50a/0x650
[  707.675741][T18027]  _copy_to_user+0x32/0xd0
[  707.675768][T18027]  simple_read_from_buffer+0xd0/0x160
[  707.675801][T18027]  proc_fail_nth_read+0x198/0x270
[  707.675830][T18027]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  707.675862][T18027]  ? rw_verify_area+0xcf/0x680
[  707.675889][T18027]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  707.675916][T18027]  vfs_read+0x1df/0xbf0
[  707.675946][T18027]  ? __fget_files+0x1fc/0x3a0
[  707.675983][T18027]  ? __pfx___mutex_lock+0x10/0x10
[  707.676009][T18027]  ? __pfx_vfs_read+0x10/0x10
[  707.676048][T18027]  ? __fget_files+0x206/0x3a0
[  707.676089][T18027]  ksys_read+0x12b/0x250
[  707.676119][T18027]  ? __pfx_ksys_read+0x10/0x10
[  707.676159][T18027]  do_syscall_64+0xcd/0x250
[  707.676189][T18027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.676222][T18027] RIP: 0033:0x7f0c8958b7fc
[  707.676242][T18027] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  707.676264][T18027] RSP: 002b:00007f0c8a3e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  707.676287][T18027] RAX: ffffffffffffffda RBX: 00007f0c897a5fa0 RCX: 00007f0c8958b7fc
[  707.676304][T18027] RDX: 000000000000000f RSI: 00007f0c8a3e70a0 RDI: 0000000000000004
[  707.676320][T18027] RBP: 00007f0c8a3e7090 R08: 0000000000000000 R09: 0000000000000000
[  707.676335][T18027] R10: 0000400000000180 R11: 0000000000000246 R12: 0000000000000001
[  707.676349][T18027] R13: 0000000000000000 R14: 00007f0c897a5fa0 R15: 00007ffdae0ca6b8
[  707.676382][T18027]  </TASK>
[  708.085436][   T29] audit: type=1800 audit(4295027871.900:37): pid=18042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2668" name="discovery_nqn" dev="configfs" ino=75282 res=0 errno=0
[  708.276008][T18046] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2669'.
[  708.671862][T18057] ==================================================================
[  708.680774][T18057] BUG: KASAN: slab-use-after-free in force_suspend_read+0x12e/0x150
[  708.689578][T18057] Read of size 1 at addr ffff88802ab61a30 by task syz.6.2672/18057
[  708.698275][T18057] 
[  708.700842][T18057] CPU: 0 UID: 0 PID: 18057 Comm: syz.6.2672 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  708.700879][T18057] Tainted: [U]=USER
[  708.700889][T18057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  708.700904][T18057] Call Trace:
[  708.700912][T18057]  <TASK>
[  708.700922][T18057]  dump_stack_lvl+0x116/0x1f0
[  708.700958][T18057]  print_report+0xc3/0x620
[  708.700996][T18057]  ? __virt_addr_valid+0x5e/0x590
[  708.701021][T18057]  ? __phys_addr+0xc6/0x150
[  708.701047][T18057]  kasan_report+0xd9/0x110
[  708.701086][T18057]  ? force_suspend_read+0x12e/0x150
[  708.701116][T18057]  ? force_suspend_read+0x12e/0x150
[  708.701148][T18057]  force_suspend_read+0x12e/0x150
[  708.701177][T18057]  ? __pfx_force_suspend_read+0x10/0x10
[  708.701211][T18057]  full_proxy_read+0x13c/0x200
[  708.701243][T18057]  ? __pfx_full_proxy_read+0x10/0x10
[  708.701274][T18057]  vfs_read+0x1df/0xbf0
[  708.701307][T18057]  ? __fget_files+0x1fc/0x3a0
[  708.701341][T18057]  ? __pfx___mutex_lock+0x10/0x10
[  708.701370][T18057]  ? __pfx_vfs_read+0x10/0x10
[  708.701405][T18057]  ? __fget_files+0x206/0x3a0
[  708.701443][T18057]  ksys_read+0x12b/0x250
[  708.701474][T18057]  ? __pfx_ksys_read+0x10/0x10
[  708.701510][T18057]  do_syscall_64+0xcd/0x250
[  708.701541][T18057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.701576][T18057] RIP: 0033:0x7f242378cde9
[  708.701596][T18057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.701629][T18057] RSP: 002b:00007f2424639038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  708.701654][T18057] RAX: ffffffffffffffda RBX: 00007f24239a6080 RCX: 00007f242378cde9
[  708.701673][T18057] RDX: 0000000000000007 RSI: 0000400000000040 RDI: 0000000000000005
[  708.701689][T18057] RBP: 00007f242380e2a0 R08: 0000000000000000 R09: 0000000000000000
[  708.701706][T18057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  708.701722][T18057] R13: 0000000000000000 R14: 00007f24239a6080 R15: 00007ffeb07cd438
[  708.701748][T18057]  </TASK>
[  708.701757][T18057] 
[  708.928322][T18057] Allocated by task 17859:
[  708.933163][T18057]  kasan_save_stack+0x33/0x60
[  708.938309][T18057]  kasan_save_track+0x14/0x30
[  708.943449][T18057]  __kasan_kmalloc+0xaa/0xb0
[  708.948492][T18057]  __kmalloc_noprof+0x21c/0x510
[  708.953822][T18057]  ieee802_11_parse_elems_full+0xf2/0x18c0
[  708.960208][T18057]  ieee80211_inform_bss+0xfd/0x1100
[  708.965920][T18057]  cfg80211_inform_single_bss_data+0x8f9/0x1df0
[  708.972774][T18057]  cfg80211_inform_bss_data+0x205/0x3ba0
[  708.978964][T18057]  cfg80211_inform_bss_frame_data+0x272/0x7a0
[  708.985631][T18057]  ieee80211_bss_info_update+0x311/0xab0
[  708.991835][T18057]  ieee80211_scan_rx+0x474/0xac0
[  708.997261][T18057]  ieee80211_rx_list+0x1bd7/0x2970
[  709.002880][T18057]  ieee80211_rx_napi+0xdd/0x400
[  709.008212][T18057]  ieee80211_handle_queued_frames+0xd5/0x130
[  709.014783][T18057]  tasklet_action_common+0x251/0x3f0
[  709.020600][T18057]  handle_softirqs+0x213/0x8f0
[  709.025840][T18057]  __irq_exit_rcu+0x109/0x170
[  709.030982][T18057]  irq_exit_rcu+0x9/0x30
[  709.035641][T18057]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  709.041825][T18057]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  709.048400][T18057] 
[  709.050940][T18057] Freed by task 17859:
[  709.055393][T18057]  kasan_save_stack+0x33/0x60
[  709.060533][T18057]  kasan_save_track+0x14/0x30
[  709.065689][T18057]  kasan_save_free_info+0x3b/0x60
[  709.071229][T18057]  __kasan_slab_free+0x51/0x70
[  709.076476][T18057]  kfree+0x2c4/0x4d0
[  709.080755][T18057]  ieee80211_inform_bss+0x76e/0x1100
[  709.086572][T18057]  cfg80211_inform_single_bss_data+0x8f9/0x1df0
[  709.093434][T18057]  cfg80211_inform_bss_data+0x205/0x3ba0
[  709.099626][T18057]  cfg80211_inform_bss_frame_data+0x272/0x7a0
[  709.106293][T18057]  ieee80211_bss_info_update+0x311/0xab0
[  709.112488][T18057]  ieee80211_scan_rx+0x474/0xac0
[  709.117920][T18057]  ieee80211_rx_list+0x1bd7/0x2970
[  709.123548][T18057]  ieee80211_rx_napi+0xdd/0x400
[  709.128891][T18057]  ieee80211_handle_queued_frames+0xd5/0x130
[  709.135468][T18057]  tasklet_action_common+0x251/0x3f0
[  709.141289][T18057]  handle_softirqs+0x213/0x8f0
[  709.146529][T18057]  __irq_exit_rcu+0x109/0x170
[  709.151670][T18057]  irq_exit_rcu+0x9/0x30
[  709.156331][T18057]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  709.162516][T18057]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  709.169094][T18057] 
[  709.171636][T18057] The buggy address belongs to the object at ffff88802ab61800
[  709.171636][T18057]  which belongs to the cache kmalloc-1k of size 1024
[  709.187083][T18057] The buggy address is located 560 bytes inside of
[  709.187083][T18057]  freed 1024-byte region [ffff88802ab61800, ffff88802ab61c00)
[  709.202358][T18057] 
[  709.204904][T18057] The buggy address belongs to the physical page:
[  709.211952][T18057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802ab65800 pfn:0x2ab60
[  709.223018][T18057] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  709.232357][T18057] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  709.241700][T18057] page_type: f5(slab)
[  709.246072][T18057] raw: 00fff00000000240 ffff88801b041dc0 ffffea00008dde10 ffffea0001ea4210
[  709.255519][T18057] raw: ffff88802ab65800 000000000010000f 00000000f5000000 0000000000000000
[  709.264958][T18057] head: 00fff00000000240 ffff88801b041dc0 ffffea00008dde10 ffffea0001ea4210
[  709.274486][T18057] head: ffff88802ab65800 000000000010000f 00000000f5000000 0000000000000000
[  709.284015][T18057] head: 00fff00000000003 ffffea0000aad801 ffffffffffffffff 0000000000000000
[  709.293543][T18057] head: ffff888000000008 0000000000000000 00000000ffffffff 0000000000000000
[  709.303067][T18057] page dumped because: kasan: bad access detected
[  709.310103][T18057] page_owner tracks the page as allocated
[  709.316372][T18057] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5501, tgid 5501 (start-stop-daem), ts 41984831925, free_ts 39034877113
[  709.339285][T18057]  post_alloc_hook+0x181/0x1b0
[  709.344527][T18057]  get_page_from_freelist+0xfce/0x2f80
[  709.350532][T18057]  __alloc_frozen_pages_noprof+0x221/0x2470
[  709.357012][T18057]  alloc_pages_mpol+0x1fc/0x540
[  709.362348][T18057]  new_slab+0x23d/0x330
[  709.366910][T18057]  ___slab_alloc+0xc5d/0x1720
[  709.372047][T18057]  __slab_alloc.constprop.0+0x56/0xb0
[  709.377948][T18057]  __kmalloc_noprof+0x2ec/0x510
[  709.383292][T18057]  tomoyo_init_log+0x13c7/0x2170
[  709.388723][T18057]  tomoyo_supervisor+0x313/0x1380
[  709.394256][T18057]  tomoyo_env_perm+0x193/0x210
[  709.399491][T18057]  tomoyo_find_next_domain+0xed4/0x20c0
[  709.405593][T18057]  tomoyo_bprm_check_security+0x12e/0x1d0
[  709.411892][T18057]  security_bprm_check+0x1b9/0x1e0
[  709.417509][T18057]  bprm_execve+0x832/0x16d0
[  709.422472][T18057]  do_execveat_common.isra.0+0x4a2/0x610
[  709.428672][T18057] page last free pid 5215 tgid 5215 stack trace:
[  709.435617][T18057]  free_frozen_pages+0x6db/0xfb0
[  709.441048][T18057]  __put_partials+0x14c/0x170
[  709.446189][T18057]  qlist_free_all+0x4e/0x120
[  709.451232][T18057]  kasan_quarantine_reduce+0x195/0x1e0
[  709.457233][T18057]  __kasan_slab_alloc+0x69/0x90
[  709.462569][T18057]  __kmalloc_cache_noprof+0x243/0x410
[  709.468472][T18057]  kernfs_fop_open+0x28b/0xdb0
[  709.473706][T18057]  do_dentry_open+0x735/0x1c40
[  709.478946][T18057]  vfs_open+0x82/0x3f0
[  709.483411][T18057]  path_openat+0x1e88/0x2d80
[  709.488458][T18057]  do_filp_open+0x20c/0x470
[  709.493403][T18057]  do_sys_openat2+0x17a/0x1e0
[  709.498545][T18057]  __x64_sys_openat+0x175/0x210
[  709.503874][T18057]  do_syscall_64+0xcd/0x250
[  709.508822][T18057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.515304][T18057] 
[  709.517847][T18057] Memory state around the buggy address:
[  709.524025][T18057]  ffff88802ab61900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.532878][T18057]  ffff88802ab61980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.541736][T18057] >ffff88802ab61a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.550587][T18057]                                      ^
[  709.556763][T18057]  ffff88802ab61a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.565614][T18057]  ffff88802ab61b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.574464][T18057] ==================================================================
[  709.781220][T18057] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  709.789181][T18057] CPU: 0 UID: 0 PID: 18057 Comm: syz.6.2672 Tainted: G     U             6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
[  709.802661][T18057] Tainted: [U]=USER
[  709.806849][T18057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  709.817916][T18057] Call Trace:
[  709.821528][T18057]  <TASK>
[  709.824758][T18057]  dump_stack_lvl+0x3d/0x1f0
[  709.829833][T18057]  panic+0x71d/0x800
[  709.834141][T18057]  ? __pfx_panic+0x10/0x10
[  709.839017][T18057]  ? preempt_schedule_thunk+0x1a/0x30
[  709.844946][T18057]  ? preempt_schedule_common+0x44/0xc0
[  709.850953][T18057]  check_panic_on_warn+0xab/0xb0
[  709.856388][T18057]  end_report+0x117/0x180
[  709.861157][T18057]  kasan_report+0xe9/0x110
[  709.866019][T18057]  ? force_suspend_read+0x12e/0x150
[  709.871740][T18057]  ? force_suspend_read+0x12e/0x150
[  709.877462][T18057]  force_suspend_read+0x12e/0x150
[  709.882999][T18057]  ? __pfx_force_suspend_read+0x10/0x10
[  709.889104][T18057]  full_proxy_read+0x13c/0x200
[  709.894358][T18057]  ? __pfx_full_proxy_read+0x10/0x10
[  709.900170][T18057]  vfs_read+0x1df/0xbf0
[  709.904743][T18057]  ? __fget_files+0x1fc/0x3a0
[  709.909891][T18057]  ? __pfx___mutex_lock+0x10/0x10
[  709.915416][T18057]  ? __pfx_vfs_read+0x10/0x10
[  709.920566][T18057]  ? __fget_files+0x206/0x3a0
[  709.925750][T18057]  ksys_read+0x12b/0x250
[  709.930420][T18057]  ? __pfx_ksys_read+0x10/0x10
[  709.935669][T18057]  do_syscall_64+0xcd/0x250
[  709.940621][T18057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.947106][T18057] RIP: 0033:0x7f242378cde9
[  709.951957][T18057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  709.973520][T18057] RSP: 002b:00007f2424639038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  709.982769][T18057] RAX: ffffffffffffffda RBX: 00007f24239a6080 RCX: 00007f242378cde9
[  709.991530][T18057] RDX: 0000000000000007 RSI: 0000400000000040 RDI: 0000000000000005
[  710.000288][T18057] RBP: 00007f242380e2a0 R08: 0000000000000000 R09: 0000000000000000
[  710.009048][T18057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.017807][T18057] R13: 0000000000000000 R14: 00007f24239a6080 R15: 00007ffeb07cd438
[  710.026576][T18057]  </TASK>
[  710.030121][T18057] Kernel Offset: disabled
[  710.034864][T18057] Rebooting in 86400 seconds..